Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
Not applicable

How to limit stream visiblity

Hi All,

I don't know if there was an option for this, but I would be interested to limit visibility of a stream.

What I mean is:

I have a multinode environment. I would like to create a stream (and publish apps in that stream) which is only visible if I go to the slave node hub (or central node, but only one of the access points) access point.

Would be a solution for this limitation?

Thanks,

G

13 Replies
Not applicable
Author

Gergo,

Security rules are the best way to implement what you are trying to do here.  Traditionally, security rules for streams are tied to users, thus, the user that logs in sees the streams they have access to see.

When it comes to multi-node, I can think of a number of ways to get to the result you are envisioning.

1.  Use a virtual proxy to drive users to a specific node where the app is loaded.

2.  Use security rules to make an app available on a specific node.

You may be able to use security rules to make a stream available on a specific node, but I think it may be a more complicated rule than the options above.

Jeff G

Not applicable
Author

Hi Jeff,

Thanks for your answer.

The first solution looks good to me. Could you help me/point me towards the solution?

Any help would be appreciated

Thanks,

G

Not applicable
Author

Gergo,

Here are some links for setting up virtual proxies.

Virtual Proxies: http://help.qlik.com/sense/en-US/online/#../Subsystems/ManagementConsole/Content/QMC_VirtualProxies_...

Load Balancing nodes using Virtual Proxies: http://help.qlik.com/sense/en-US/online/#../Subsystems/ManagementConsole/Content/QMC_Resources_QPS_L...

Setting up Virtual Proxies: Configure Qlik Sense 1.1 Virtual Proxy for Web Ticketing

If you want to go the security rules path, I recommend watching the following webinar along with some of the Qlik Sense videos here on Community.

Qlik Sense Security Rules: SenseSecurityRules.mp4 - Google Drive

Regards,

Jeff G

Not applicable
Author

Hi Jeff,

Thank you very much for the links. I have had a look at them, but still can't work out how could I add a stream to a virtual proxy... can't find out how to llimit the access of the stream to one server. I want this stream to only be visible if i login to serverA\hub but not when I login serverB\hub - obviously I have a multinode envirinment with 1 central node and 1 slave node.

Not applicable
Author

Gergo,

Under the premise that users are tied to streams, you direct users through a virtual proxy that only runs on a specific node.  Therefore, the user will only go to the node, and the stream exists there because the user is tied to the stream.

Here are the available resource filters for security rules.  It looks like it may be possible to create a security rule for a stream with a virtual proxy as a condition.
http://help.qlik.com/sense/en-US/online/#../Subsystems/ManagementConsole/Content/QMC_Entity_Rules_Re...

The premise here is that the stream is available through a virtual proxy only.  The virtual proxy is tied to a specific node in your multi-node deployment.  Therefore, the user has to login through the specific virtual proxy to access the stream which is on the specific node via virtual proxy configuration.

Not applicable
Author

Jeff,

Thank you very much for your help.

I had a look at these filters, I can't find them in the security rules... Only can see user, strem and stream.name.

How can I filter bu these resources.

Sorry for the basic question but this stuff is quiet new for me.

Thank you,

G

Not applicable
Author

Gergo,

When it comes to security rules it very quickly becomes not a basic question.  For the rule you are going to try to build you are going to need to use the advanced editor instead of the basic ui seen in security rules.  The best thing to do is to start by looking at the default security rules that exist in the QMC.  Virtual Proxy is a resource filter used in a couple of rules, one of them is the SecurityAdmin role giving them access to Virtual Proxies.

So what you are going to want to do is specify a rule for a specific stream and identify the conditions in the appropriate way (samples here).

So in theory something like :

resource.resourcetype="Virtual Proxy" and resource.name="MyVirtualProxy" under the conditions for the stream rule will work.  You will likely want to supply an attribute for a user group as well because in this case anyone who comes in on the virtual proxy is going to see the stream, and you may not want that.

Unfortunately, there is no simple answer for what you want to do.  I've given you some options that do simplify but you seem insistent on going down a specific path.  At this point, you are going to have to do some hunting to get to your final answer, but I'm happy to guide you along your journey.

Please mark responses that have been helpful as such, and if you have additional questions feel free to add to this thread or private message me.

jg

Not applicable
Author

Jeff,

Thank you for all your help. I wil ltry to play around a bit. Very useful links. I'll let you know how I am getting on.

Regards,

G

Not applicable
Author

Hi Jeff,

Sorry to bother you again. I have had a look at the links - as far as I can see the resource can be only associated with the streams and not oposite. I would like to associate the stream to a node.
I have created an advanced condition:

((resource.resourcetype="Virtual Proxy" and resource.name="TEST08 Proxy" and !user.IsAnonymous()))

But it doesn't want to work. It's a test environment, if everyone can access that's not a problem. What I want to do first is to make the stream only visible on one of the nodes (TEST08).

Could you give me an idea please what's wrong here?

Many thanks,

G