Qlik Community

Qlik Sense Deployment & Management

Discussion board where members learn more about Qlik Sense Installation, Deployment and Management.

Announcements
Uploads getting stuck in the virus scanner. We are investigating.
cancel
Showing results for 
Search instead for 
Did you mean: 
Partner
Partner

Security rule based on which virtual proxy a user logs on to

Hi,

Is there a way to include a condition in your security rules for which virtual proxy a user logs on to?

For example, if the user logs on to virtual proxy A one rule is applied and if the user logs on to virtual proxy B a different rule is used.

Grateful for any suggestions.

Best regards

Petter Grundström

4 Replies
Highlighted

Hello, 

I have done some testing and can't find a way to do that (even using custom properties), unfortunately.

The list of available resource condition resources is available here. Maybe there will be one that you can use instead of the virtual proxy. 

Bastien Laugiero
If a post helps to resolve your issue, please mark the appropriate replies as CORRECT.
Highlighted
Partner
Partner

Hi,

Thanks for the answer!

The only workaround I can think of is to make users who log on to virtual proxy A belong to user directory A and users who log on to virtual proxy B belong to user directory B and then write security rules based on user directories instead.

However, in my case we sync the users with an Active Directory user directory connector which means they automatically belong to the same user directory as in the AD. Is there a way to change which User Directory they belong to?

Best regards

Petter

Highlighted

Hello, 

If the users connecting to Virtual Proxy 1 and the users connecting to Virtual Proxy are not the same then you have multiple ways to handle this.

You could, for instance, create an active directory group to differentiate them or even create a custom property in Qlik Sense and base your security rule on that.

I thought that the same users will access both the virtual proxies so that's why I didn't suggest that before. 

Hope this helps!

Bastien Laugiero
If a post helps to resolve your issue, please mark the appropriate replies as CORRECT.
Highlighted
Partner
Partner

No, you were right, it is the same users.

The reason I want to differentiate the users based on which virtual proxy is that one of our virtual proxies will give the users elevated access. We have two nodes and one of them should only be used by Super Users, but the Super Users can also access the other node which is used by everyone.

So two nodes with separate virtual proxies but all the users belong to the same User Directory in the AD.

Best regards

Petter