Skip to main content
Woohoo! Qlik Community has won “Best in Class Community” in the 2024 Khoros Kudos awards!
Announcements
Nov. 20th, Qlik Insider - Lakehouses: Driving the Future of Data & AI - PICK A SESSION
cancel
Showing results for 
Search instead for 
Did you mean: 
Not applicable

anonymous access

Hi everyone,

I have Qlikview Server 9 installed and using IIS as the web server instead of the default QVWS. in order for qlikview to work, i need to enable windows integrated authentication and disable anonymous access.

however, this would mean i would need to enter a password everytime I wanted to access qlikview from outside the server box. is there a way to somehow let qlikview accept authentication tokens from windows so that if i log in as a user on an active directory that has access to qlikview, qlikview will automatically extract the user information and give me access without me having to type a username and password again.

Thanks in advance for any insight,

Yiling

13 Replies
Karl_Humma
Employee
Employee

Yes. A local user should have been created with installation it is called IQVS_[machinename] . If you give this user access (in ntfs) to your qvw folder or direct access to the qvws you would like to show on AccessPoint then you can set the security in the QMC >User Documents >Authorization to Always anonymous. Click on the green plus sign and the option will be available there. If you are allowing anonymous in IIS this should work.

Hope this helps!

/Karl

Not applicable
Author

Thanks for your reply Karl. Unfortunately, it doesnt seem to work. The only way that Authorization options will even show up in the User Documents settings is if Qlikview is set to DMS authorization. But once I do this, wouldn't Qlikview just control file authorization directly and not even check the ntfs settings?

In any case, i tried it with setting only Anonymous access in IIS and I would always immediately get the "You are not authorized to see this page" error when I tried to access the AccessPoint page in a browser.

However, if I give the Virtual directory Qlikview integrated windows authentication, I dont get that page, but when accesspoint opens up, only the header picture is shown, nothing else. In Internet Explorer, it reports there is an error on the page on the botton left corner and clicking on the details says something about "Qva is undefined"

Is there something I'm missing?

Thanks,

Yiling

Not applicable
Author

Hi Yiling,

Did you get the solution for the same issue you have raised here?

If so please do provide me the solution as i need the same to implement.

Thanks in advance,

Mahasweta

Not applicable
Author

no not yet. i'm still working on a solution. if i find it, i will post it here

Not applicable
Author

Hi Yiling,

I got the same through NTNAME section access.And it works for me.

You can check the same if it helps you.

The script is as below,

Section Access;
Load
'USER' as ACCESS,
DOMAINNAME AS NTNAME,SCEN
Resident USERINFO;

Section Application;
Load SCEN Resident USERINFO;

Here my domain name and access info is coming from the database, so which all users NTNAME is mentioned in the database, they only can open the file.

And when the allowed user tries to open the file its not asking him the userid and password again, as the same is fetched from the windows NT login.

Hope it may help you.

Thanks,

Mahasweta

Not applicable
Author

I put all zerofoot print in a password protected folder , and front page before user logons shows a image located in this protected folder , thus forcing user to logon , if logon picture is green if not its red. then user need never logon agagain as im using ntusername.

Not applicable
Author

Thanks for the reply Mahasweta,

I'm looking for something more along the lines of just having a group have permissions to Qlikview, and specifically how many users or who the users are in the group isn't important. Therefore, I don't have a database with all the user info as it would mean someone who have to keep track of new users being added and older users leaving. However, I'm trying to get it so that all user within that group will automatically have their credentials taken by Qlikview without having to enter in a username and password each time. Can section access be set to allow all users of a group and then check if users that try to access the QVW are members of that group?

Thanks again,

Yiling

Not applicable
Author

You can create a group and then add users into the group within user management of IIS.

You then simply call NT Group name instead of the NT Username within the section access.

-- Chris

Karl_Humma
Employee
Employee

im sorry i mixed and matched here. The Authorization to Always anonymous in the User Documents is for DMS only.

Assuming your Directory Service Connector is set to you Active Directory adding the IQVS_[machinename] user to the NTFS permissions of your document folder should allow anonymous access. Be sure to check the settings of your System >Setup >QlikView Web Services ?AccessPoint ta as well for Authentication. Setting to Never is anonymous for AccessPoint...

But reading further into this thread that is not exactly what you want to do, is it?

Sorry for the confusion.

Can you clarify what your directory service resource is, i.e. dms, local, domain, custom... As there are a few ways to get this working.

/Karl