Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi,
I have an app, that I access with the web ticket system, here is my authentication (this script is in ColdFusion):
<cfxml variable="QVRequest">
<Global method="GetWebTicket">
<UserId><cfoutput>#QVUser#</cfoutput></UserId>
<GroupList><string>#QVGroup#</string></GroupList>
<GroupsIsNames>true</GroupsIsNames>
</Global>
</cfxml>
All is working well, my users come authenticated on access point, and can access to application with section access on NTNAME.
I would like limit access by group, and the documentation is not really clear about it.
What is the field that match the group in "GroupList" in section access ?
Is there a way to see in access point the group associated with the authenticated user?
Hi Tanguy
You need to include the GROUP as a field in the section access load, e.g.;
SECTION ACCESS;
Load * INLINE [
ACCESS, NTNAME,GROUP
ADMIN, ADMIN1, GROUPA
USER, USER1, GROUPB
USER, USER2, GROUPB
USER, USER2, GROUPC
];
SECTION APPLICATION;
So by adding the groups here, you can limit users down to the relevant group or groups (USER2 has access to two groups via two records). It is important to note that GROUP has to be capitalised (or at least that's what Qlikview says). If you want your model to have Groups in lower case, simply add GROUP as an additional field.
There is no direct way to put this into the accesspoint as each qvw has it's own authentication, thus feasibly a user may have different group authorisation by qvw.
There may be a work around such as setting up a qvd with buttons to your different working qvws, and displaying the data there. But this gets a bit heavier on the maintenance and is not a perfect solution. I would simply ensure the user is aware of their authorisation limits on each qvw they enter.
I hope this helps. Let me know how you get on.
Regards
Steve
Hi Tanguy
You need to include the GROUP as a field in the section access load, e.g.;
SECTION ACCESS;
Load * INLINE [
ACCESS, NTNAME,GROUP
ADMIN, ADMIN1, GROUPA
USER, USER1, GROUPB
USER, USER2, GROUPB
USER, USER2, GROUPC
];
SECTION APPLICATION;
So by adding the groups here, you can limit users down to the relevant group or groups (USER2 has access to two groups via two records). It is important to note that GROUP has to be capitalised (or at least that's what Qlikview says). If you want your model to have Groups in lower case, simply add GROUP as an additional field.
There is no direct way to put this into the accesspoint as each qvw has it's own authentication, thus feasibly a user may have different group authorisation by qvw.
There may be a work around such as setting up a qvd with buttons to your different working qvws, and displaying the data there. But this gets a bit heavier on the maintenance and is not a perfect solution. I would simply ensure the user is aware of their authorisation limits on each qvw they enter.
I hope this helps. Let me know how you get on.
Regards
Steve
Thanks Steve, I will try this!