Skip to main content

Qlik Community

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
You can succeed best and quickest by helping others to succeed. Join the conversation.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
alechekhova
Contributor
Contributor
‎2021-11-12 03:06 AM

View app as another user

Hello everyone!

Is it possible in Qlik Sense to load app and view it as another user

I am implementing Section Access into my apps and i want to view, how certain rules are applied to certain users

Is there any way to do it except setting the rules I want to check for myself?

 

Thanks in advance!

Alexandra

 

Labels (1)
Labels
1,122 Views
0 Likes
1 Solution

Accepted Solutions
Alexis_Touet
Former Employee
Former Employee
‎2021-11-15 03:59 AM

Hi @alechekhova 

If your users are authenticated with ntlm, you can use the following script to impersonate them. 

You will need to have the QS Qlikclient certificate for the script to work, so it is best to run on a server in your environment where QS is installed.

# Generate proxy ticket 

$body = '{
  "UserDirectory": "Domain",
  "UserId": "userIDyouwanttoimpersonate"
   }'
   $hdrs = @{}
   $hdrs.Add("X-Qlik-xrfkey","iX83QmNlvu87yyAB")
   $hdrs.Add("X-Qlik-User","UserDirectory=DOMAIN;UserId=qvservice")
   $url = "https://<QlikSenseFQDN>:4243/qps/ticket?xrfkey=iX83QmNlvu87yyAB"
   $cert = Get-ChildItem -Path "Cert:\CurrentUser\My" | Where {$_.Subject -like '*QlikClient*'}
   Invoke-RestMethod -Uri $url -Method Post -Body $body -ContentType 'application/json' -Headers $hdrs -Certificate $cert

Once your ticket will be generated you can login as the user by pasting the ticket in your URL

https://qlikserver1.domain.local/hub?qlikticket=xxxx

Replace xxxx with your ticket.

Hope this helps.

Please don't forget to mark a correct resolution or answer to your problem or question as correct, as it will help other members to find solutions more easily 😉

View solution in original post

958 Views
5 Replies
Maria_Halley
Support
Support
‎2021-11-12 03:28 AM

@alechekhova

 

Here is a video on the subject, however this is made for SaaS but most is applicable. 

 

https://community.qlik.com/t5/Knowledge/Troubleshooting-Section-Access-in-Qlik-Sense-Enterprise/ta-p...

 

 

1,097 Views
0 Likes
alechekhova
Contributor
Contributor
‎2021-11-12 04:19 AM
Author

In response to Maria_Halley

Maria, thank you very much! The video was very useful and I can implement it in my apps!

However, I would also like to know, if it possible to sort of log in as another user.

By logging in as another user I want to check, whether Section Access part of the script is written correctly and interprets user ids properly. In the past I had problems where I would print in user ids in the wrong register or lets imagine, I made a typo:) With the method shown in the video, I would be able to see the app as all the users I included in Section Access, by commenting the Section Access declaration lines. However then it would be just a field from an inline load and I might as well just type 'User1' and 'User2' as user ids. I would still be able to use the Test filter, but the Section Access won`t work, since there are no User1 and User2.

So what I`m trying to say is is there a way to see how Section Access would act after an actual log in of a certain user

Hope that makes sense:)

 

1,065 Views
0 Likes
Maria_Halley
Support
Support
‎2021-11-12 05:02 AM

In response to alechekhova

@alechekhova

 

I understand what you mean, but I'm sorry, I don't know. 

 

Hopefully someone else can help further here. 

1,046 Views
0 Likes
abhijitnalekar
Specialist II
Specialist II
‎2021-11-12 06:26 AM

In response to alechekhova

Hi @alechekhova ,

Yes, you can log in with the other user.

Either you need to open hub from a different browser or the same browser but in  incognito mode

Regards,
Abhijit
keep Qliking...
Help users find answers! Don't forget to mark a solution that worked for you!
1,021 Views
0 Likes
Alexis_Touet
Former Employee
Former Employee
‎2021-11-15 03:59 AM

Hi @alechekhova 

If your users are authenticated with ntlm, you can use the following script to impersonate them. 

You will need to have the QS Qlikclient certificate for the script to work, so it is best to run on a server in your environment where QS is installed.

# Generate proxy ticket 

$body = '{
  "UserDirectory": "Domain",
  "UserId": "userIDyouwanttoimpersonate"
   }'
   $hdrs = @{}
   $hdrs.Add("X-Qlik-xrfkey","iX83QmNlvu87yyAB")
   $hdrs.Add("X-Qlik-User","UserDirectory=DOMAIN;UserId=qvservice")
   $url = "https://<QlikSenseFQDN>:4243/qps/ticket?xrfkey=iX83QmNlvu87yyAB"
   $cert = Get-ChildItem -Path "Cert:\CurrentUser\My" | Where {$_.Subject -like '*QlikClient*'}
   Invoke-RestMethod -Uri $url -Method Post -Body $body -ContentType 'application/json' -Headers $hdrs -Certificate $cert

Once your ticket will be generated you can login as the user by pasting the ticket in your URL

https://qlikserver1.domain.local/hub?qlikticket=xxxx

Replace xxxx with your ticket.

Hope this helps.

Please don't forget to mark a correct resolution or answer to your problem or question as correct, as it will help other members to find solutions more easily 😉
959 Views