Qlik Community

Qlik Sense Integration, Extensions, & APIs

Discussion board where members can learn more about Integration, Extensions and API’s for Qlik Sense.

rbartley
Contributor III

How to prevent other visitors seeing your selections when authenticated using demo user?

Hello all,

This question follows on from my previous discussion: Enabling exportData for anonymous users from mashup

I successfully set up authentication of anonymous users using the qlik-auth module and virtual proxy configuration as show on Qlik Branch.  However, the issue is that all users can now see the selections of other users on the same qap mashup. Is there any way of forcing different sessions for the same authenticated user based on their location/ip address/some other way to ensure that users are authenticated using the dummy user but cannot see the selection of the others?

Any help would be greatfully appreciated as we are considering whether or not to purchase QAP licences within the next day or so and this is a showstopper.

Thanks in advance.

2 Replies
rbartley
Contributor III

Re: How to prevent other visitors seeing your selections when authenticated using demo user?

I just found out that by adding an identity parameter to config in the call to the OpenApp method, this prevents sharing of the session.

var intRandomSessionID = Math.floor((Math.random() * 1000000000) + 1);

…..

….

var config = {

               host: window.location.hostname,

               prefix: prefix,

               port: window.location.port,

               isSecure: window.location.protocol === "https:"

               ,identity:intRandomSessionID

};

As a test, I used a random number as identity, but I will try to get the IPaddress, so that selections can be shared across pages within the same mashup.

rbartley
Contributor III

Re: How to prevent other visitors seeing your selections when authenticated using demo user?

Hmmmm!  I changed the code to pass the identity string to in the URL and only assign a random number if no identity was passed.  So far, so good.  I checked the value of app.model.session.cacheName and confirmed that they were the same (apart from the reloadUri part, of course, see below). However, it seems that the selections are not being passed from page to page.  I am worried about passing the selections in the URL too as there could be a large number of filters and large number of selected values. 


ws://s-agri-qaptest1/auth/app/9198c32b-5f7e-411a-b179-64868ba63844/identity/513994901?reloadUri=http://s-agri-qaptest1/auth/extensions/CAPIndicators/CAPIndicatorsMap1.html?id=513994901

"ws://s-agri-qaptest1/auth/app/9198c32b-5f7e-411a-b179-64868ba63844/identity/513994901?reloadUri=http://s-agri-qaptest1/auth/extensions/CAPIndicators/CAPIndicatorsMap2.html?id=513994901"

Does anyone have any clues? 

Community Browser