https://community.qlik.com/t5/App-Development/QlikSense-Security-Rules/m-p/1073943#M17645 <HTML><HEAD></HEAD><BODY><P>Hello, i need to know the logic of the evaluation of the security rules in qmc</P><P>In this case are them evaluated in '<EM>and</EM>' condition or in '<EM>or</EM>' condition?</P><P></P><P><IMG alt="sec_rules.png" class="jive-image image-1" src="https://community.qlik.com/legacyfs/online/116665_sec_rules.png" style="height: 193px; width: 620px;" /></P><P>Thanks</P><P>Marco</P></BODY></HTML> Wed, 02 Mar 2016 16:31:32 GMT marco_puccetti 2016-03-02T16:31:32Z https://community.qlik.com/t5/App-Development/QlikSense-Security-Rules/m-p/1073943#M17645 <HTML><HEAD></HEAD><BODY><P>Hello, i need to know the logic of the evaluation of the security rules in qmc</P><P>In this case are them evaluated in '<EM>and</EM>' condition or in '<EM>or</EM>' condition?</P><P></P><P><IMG alt="sec_rules.png" class="jive-image image-1" src="https://community.qlik.com/legacyfs/online/116665_sec_rules.png" style="height: 193px; width: 620px;" /></P><P>Thanks</P><P>Marco</P></BODY></HTML> Wed, 02 Mar 2016 16:31:32 GMT https://community.qlik.com/t5/App-Development/QlikSense-Security-Rules/m-p/1073943#M17645 marco_puccetti 2016-03-02T16:31:32Z https://community.qlik.com/t5/App-Development/QlikSense-Security-Rules/m-p/1073944#M17646 <HTML><HEAD></HEAD><BODY><P>A user begins with no access at all. You can only add permissions, not remove them. So any rule that gives a user permission to do something with an object will result in that user having that permission. Other rules cannot undo this.</P></BODY></HTML> Thu, 03 Mar 2016 12:59:18 GMT https://community.qlik.com/t5/App-Development/QlikSense-Security-Rules/m-p/1073944#M17646 Gysbert_Wassenaar 2016-03-03T12:59:18Z https://community.qlik.com/t5/App-Development/QlikSense-Security-Rules/m-p/1073945#M17647 <HTML><HEAD></HEAD><BODY><P>In this case how are applied the streams within a rule?</P><P>When there are two roles</P><P></P><UL><LI><STRONG>ContentAdmin</STRONG></LI><LI><STRONG>SecurityAdmin</STRONG></LI><LI><STRONG>RootAdmin</STRONG></LI></UL><P></P><P><SPAN style="text-decoration: underline;"><STRONG>In "and" or in "or" logic condition</STRONG></SPAN>? </P><P></P><P><IMG alt="content_admin.png" class="jive-image image-2" src="https://community.qlik.com/legacyfs/online/116803_content_admin.png" style="height: 497px; width: 620px;" /></P><P><IMG alt="security_admin.png" class="jive-image image-3" src="https://community.qlik.com/legacyfs/online/116810_security_admin.png" style="height: 503px; width: 620px;" /></P><P></P><P><IMG alt="root_admin.png" class="image-4 jive-image" src="https://community.qlik.com/legacyfs/online/116811_root_admin.png" style="height: 497px; width: 620px;" /></P><P></P><P>with different types of authorization, which of them are applied or they are applied both at the same time?</P><P></P><P>My question is the following: i have a mashup application (extension) that is configured to be accessible locally, but from external machine (even if the access is set to anonymous) i get this error (the local user has the role of <STRONG>RootAdmin</STRONG> and it's also configured in the securityu rules):</P><P></P><P><IMG alt="NoAvailableAccess.png" class="jive-image image-1" src="https://community.qlik.com/legacyfs/online/116801_NoAvailableAccess.png" style="height: auto;" /></P><P>So i have considered the error due to a bad server configuration. Have i to change the Resource filter too?</P><P></P><P>Thanks</P><P>Marco</P></BODY></HTML> Thu, 03 Mar 2016 14:07:46 GMT https://community.qlik.com/t5/App-Development/QlikSense-Security-Rules/m-p/1073945#M17647 marco_puccetti 2016-03-03T14:07:46Z https://community.qlik.com/t5/App-Development/QlikSense-Security-Rules/m-p/1073946#M17648 <HTML><HEAD></HEAD><BODY><P>Hi Marco - let me put another set of eyes on this.</P><P></P><P><A href="https://community.qlik.com/qlik-users/4919">jog</A>‌ - anything you want to add?</P><P></P><P></P><P>Please mark the appropriate replies as CORRECT / HELPFUL so our team and other members know that your question(s) has been answered to your satisfaction.</P><P></P><P>Regards,</P><P>Mike Tarallo</P><P>Qlik</P></BODY></HTML> Thu, 03 Mar 2016 15:39:56 GMT https://community.qlik.com/t5/App-Development/QlikSense-Security-Rules/m-p/1073946#M17648 Michael_Tarallo 2016-03-03T15:39:56Z https://community.qlik.com/t5/App-Development/QlikSense-Security-Rules/m-p/1073947#M17649 <HTML><HEAD></HEAD><BODY><P>No available access type means they don't have a token allocated to them to access.&nbsp; This is a license access rule issue and not a security rule issue.</P><P></P><P>License rules are evaluated first to authenticate you to Qlik Sense (that is allocate a token).</P><P></P><P>Security rules are evaluated second to authorize your capabilities and access to Qlik Sense resources.</P><P></P><P>As Gysbert said, all security rules are additive.&nbsp; They will run in whatever order they run, but the most privilege rule will win out.&nbsp; Moreover, security rules are constantly re-evaluated against the user in the event their access changes during a session.</P></BODY></HTML> Thu, 03 Mar 2016 16:22:11 GMT https://community.qlik.com/t5/App-Development/QlikSense-Security-Rules/m-p/1073947#M17649 2016-03-03T16:22:11Z https://community.qlik.com/t5/App-Development/QlikSense-Security-Rules/m-p/1073948#M17650 <HTML><HEAD></HEAD><BODY><P>I have tried to configure a login access rule but it doesn't work properly:</P><P></P><P><IMG alt="licence_access_rules.png" class="jive-image image-1" src="https://community.qlik.com/legacyfs/online/116855_licence_access_rules.png" style="height: 425px; width: 620px;" /></P><P></P><P>What have i to change in order to give the access to the extensions objects, to any machine in the net without any kind of credential?</P><P></P><P>Thanks</P><P>Marco</P></BODY></HTML> Thu, 03 Mar 2016 16:54:33 GMT https://community.qlik.com/t5/App-Development/QlikSense-Security-Rules/m-p/1073948#M17650 marco_puccetti 2016-03-03T16:54:33Z