Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
With the Service Release 2 for Qlik Sense 3.1 the release notes mention the new ability
Support for disabling user access to the hub Resource filters can be used to restrict user access to the hub.
How can this be achieved? I figured a new security rule 'HubSections', but no matter whether I left it to true or changed it to false, it wouldn't make the hub behave differently at all. Has anybody more information on this topic?
Thanks alot
Thomas
Current implementation is limiting in that it will not limit access to the hub but it will remove the link from the app back to the hub.
So if you change the rule "HubSections" condition to something like
user.group="NoHubAccess"
This would mean that for the users in the group NoHubAcces the link from the app back to the hub will disappear.
In most use cases I think this would be enough, but if there are needs to limit access to the hub it would be good to understand these cases if we need to make improvements in the future.
Thanks Fredrik, I can confirm that the flag does remove the link back to the hub from an App.
We are looking into this feature because one of our installations is used to host branded Mashups exclusively and by entering only the domain name an unsuspecting user can launch the Hub.
Ideally I would like to see a few more features typical to web servers available for cases where the client does not also want to run an IIS instance:
Cheers,
Mark
Thanks for the explanation on this.
Also this new short video will help, I think: Disabling the hub ‒ Qlik Sense
I have tested this (in 3.1.4) and it seems like changing the rule like this would turn ON access to the hub for the group "NoHubAccess".
The default rule is granting access to all users. So shouldn't the rule be user.group!="NoHubAccess"?
Or am I misunderstanding?
You should not add to but replace the behaviour of the default rule. Changing the condition on the default rule would mean that only those matching the condition would get access.
Dear Mark,
You couldnt have summarized it better! I would like to see all those features! None of them are ready? June 2017? September 2017?
Any updates?
Hi Emma,
I don't think that these type of features have made it into the product yet. I believe some folks are using nginx or IIS to achieve them if it is critical (and your budget doesn't allow for a more robust solution like F5 or a web application firewall)...
Cheers,
Mark
Qlik support answered my ticket, and yes, these features are out of the scope (i wanted to open a feature request! No chance!)
regards,
Emma
Thanks for sharing that information, it's good to have confirmation so we can proceed with alternate solutions. I think it makes sense, to an extent, to leverage products that have been specifically designed to tackle these issues.
Cheers,
Mark
We could achieve it with the on-bord instruments: Block user.
All our users have CustomProperty @UserTyp (Consumer, Analyst, Contributor) which we implemented to assign security rules. However with this CustomProperty I can select all users I want to block.
Press Edit(multiple) an tick the BLOCKED check box.
Done.
Be careful to 'Clear filters and search' before editing onwoards...
Best regards,
Bernd