Solved: Section access based on session attributes - Qlik Community

daniel_peger · ‎2015-05-07

I'm wondering if it is possible in Qlik Sense to use section access based on a user's session attributes.

We are currently using session attributes in Qlik Sense to grant user access to certain streams by attaching a corresponding security rule to the stream:

(user.environment.applicationId="my1stQlikApplication")

By using the QPS addSession method one can attach arbitrary attributes to a user session:

{

"UserDirectory": "QLIK",

"UserId": "someUser",

"Attributes": [ { "applicationId": "my1stQlikApplication" }, { "applicationId": "my2ndQlikApplication" }, ... ],

"SessionId": "random UUID"
}

Given the above addSession-Request the user QLIK\someUser would be able to access a stream with the mentioned security rule.

Is it possible to evaluate these session attributes in an application's load script (i.e. to implement row level security using section access)? And if 'yes', how?

daniel_peger · ‎2015-07-27

According to Qlik's support the only information that can be used to implement "Section Access" in Qlik Sense currently is the user's name and group information.

We solved this by setting up a ODBC user directory in Qlik and reading the used restrictions from the user attributes table of this directory.

View solution in original post

daniel_peger · ‎2015-07-27

According to Qlik's support the only information that can be used to implement "Section Access" in Qlik Sense currently is the user's name and group information.

We solved this by setting up a ODBC user directory in Qlik and reading the used restrictions from the user attributes table of this directory.