Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
Fredrik_Lautrup
Employee
Employee
‎2014-02-26 12:12 AM

Trust between services in a QlikView installation

When you use a platform that consists of several services such as QlikView, you need to build trust into the platform to make it secure.  The trust will protect the platform from external threats pretending to be part of the QlikView installation to get access to information.

Trust2.png

Every time you go from one trust zone to another you need to cross a trust boundary and that means that you need to authenticate. Examples of when you cross trust boundaries in QlikView include going from your computer trust zone to the application using the browser, using the browser to access the administrative interface, loading data from a data source into QlikView, and each time you need to authenticate.

In QlikView, there are two ways to create the internal trust zone between the QlikView Services:

  1. Windows Integrated Security: the services will authenticate to each other through the use of Windows built in Security.
  2. Certificate Security: each service needs to have a valid certificate from the QlikView installation to be allowed to communicate.

Both of these create trust between the services and hinder unauthorized computers from being able to interact with the QlikView Services, but there are situations where one is better than the other.

You need to protect the communication between the QlikView services from eavesdropping
In this case you should choose certificate trust because that also enables encryption of all traffic between services using SSL/TLS.

You only use Windows infrastructure
Choose Windows Integrated Security as this will be where you have knowledge and it is easiest for you to setup.

All QlikView services do not have access to the Active Directory or you dont have an Active Directory
Use certificates these will function without a Windows Active Directory.

It is also important to understand that you cannot mix how you create trust in QlikView; either you use Windows Integrated Security or you use Certificates.

When you have chosen the most appropriate way of creating trust, look through the technical requirements found in the Server reference manual before installing to make sure it fits your needs and environment.

To summarize, QlikView has two ways to create trust between services.  Both have their benefits; however there are use cases when one is preferred over the other. Which have you used and what benefits have you seen?  I would be interested in your comments and questions!

Tags (2)
4,460 Views
6 Comments
Subscribe by Topic