Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
All,
A custom application has a button "my Dashboard"
The button has a link http://localhost/QvAJAXZfc/opendoc.htm?document=ap_dev%5Cdpp_preprod.qvw&host=QVS%40svrocmdc
Here is the kicker - the link above contains a qvw - but now the user wants to add a userid which differs from the windows os user name
Is it possible to user section access to have the following
1. User wants to login only once when they access the custom application
the user does not want to login again in Qlik - kind of single sign on
2. Section access information lives in the database, not inline as follows
Section Access;
LOAD * INLINE [
USERID, ACCESS, NTNAME ,GROUPNAME, REGION,AGENT_ID
*, ADMIN, 'DPSCSDOM\qlikviewsrc',*,*,*
*, ADMIN, 'DPSCSDOM\ITCD_Admin',*,*,*
];
LOAD
USERID, ACCESS, NTNAME ,GROUPNAME, REGION_SEC,AGENT_ID;
select '*' AS USERID, '*' AS PASSWORD,"ACCESS" ,RANK , NTNAME ,RTRIM(LTRIM(UPPER(CONCAT(NTNAME,RANK)))) ,
GROUPNAME, case when groupname in('CENTRAL ADMINISTRATION' ) then 'ANY'
WHEN GROUPNAME= 'REGION' THEN CONCAT(CONCAT(REGION,'|'),'ANY') END AS REGION_SEC ,
CASE WHEN GROUPNAME IN ( 'DPP CASE SUPERVISOR' ) THEN SUPERVISOR_ID ELSE USERID END AS AGENT_ID
from QLIKVIEW.VW_QV_DPP_SECURITY_ROLES
WHERE RTRIM(LTRIM(UPPER(CONCAT(NTNAME,RANK)))) IN(
SELECT RTRIM(LTRIM(UPPER(CONCAT(NTNAME,MIN(RANK))))) MINRANK FROM QLIKVIEW.VW_QV_DPP_SECURITY_ROLES
GROUP BY NTNAME);
Any ideas?
Thanks
Rick
Section Access offers two basic authentication mechanisms:
You seem to mix these techniques in your code. UserID is always set to '*'. Why?
With respect to your requirement: you want to combine something that typically belongs to the first technique (custom ID not tied to any external authentication system) with something typically provided by the second technique (SSO that relies on an external authentication system and typically passes your ID that is verified during a previous session, to an application without your knowledge). You can do that with a Custom Directory because that is about the only authentication mechanism in which QlikView plays a role (all others happen outside of QlikView) But then you would have to authenticate every time you launch an AP session. Is that OK?
Peter
Thanks Peter
The 2 options you presented - I would pick the NTNAME
Authenticating every time on launch of an AP Session is ok.
My security access code is definitely wrong and needs help. So I am looking for recommendations from you, please.
The data for the users is stored in the database which is accessed by the sql statement within the section access.
Thanks again for your support and assistance.
Rick