How to suppress the login input-box when using sec... - Page 2 - Qlik Community

uacg0009 · ‎2016-06-13

Hi All,

I have a question about the section access. I just want to suppress the login-box when I open a dashboard that's using section access on AccessPoint.

The background is :

I installed the WebServer on IIS.

And we are using the SSO for users(getwebticket), so user can click a button to jump to the AccessPoint, so we only know the user's username.

In section access, i only judge the USERID, like

ACCESS USERID REGION

ADMIN AIOLOS

USER TEST USA

USER TEST1 CHINA

When user = TEST click the dashboard on AccessPoint, it will jump to a login-box

I need to input the username and the password(I create in QMC, not the real password of user, because I don't know the real password), then I can get into the dashboard, but I only judge the USERID in section access, so I don't want user to input userid and password here, I just want to get into the dashboard directly when I click it.

So what should I do for it?

Thanks.

Aiolos Zhao

Anonymous · ‎2016-06-14

Hi Aiolos,

At the time you use the USERID field will ask user name and password. You can combine the two, because the first field that is checked is the NTNAME, and if the server can not find the user in the field NTNAME the USERID field will be checked, if specified. The NTNAME field is the domain user.

Regards!

Peter_Cammaert · ‎2016-06-15

I agree that there are many types of user names, user IDs, AD user accounts, custom users, self-defined self-handled identies and the likes in the QlikView world, and they (may) make the matter of authentication extremely confusing. The only thing I can say is that the USERID/PASSWORD in Section Access is document-internal only. It has nothing to do with any external authentication service supplied by the QlikView serveices, Windows, A1ctive Directory or any other directory service. This authentication system does not exist outside your QlikVeiw document. As a result, you will always face the login dialog.

You could load the USERID field in section access with the email addresses from the same database as the one you are using for the custom login form, but still the outside environment has no standard way (like SSO) to pass any accepted credentials to the document in a transparant way.. AFAIK there is only one mechanism that features a real out-of-the-box SSO, and that mechanism involves the NTNAME field.

Note that NTNAME is not only used to match AD credentials. It can be used for Customer users (defined in a Custom Directory DSC) as well..I guess that could save your day if you could define a DSC that authenticates users using their email address. But you didn't provide any details about how the Custom login page verifies email addresses.

Best,

Peter

Peter_Cammaert · ‎2016-06-15

Section Access data reduciton is linked to user IDs, not to machines. If you login using a different user ID, you'll get different data. If you login using the same User ID, you'll get the exact same data reduction, whatever the machine you are using toe get to the AccessPoint.

Note that you cannot use a user that only exists in a local (machine) directory to aiuthenticate in a centralized service like QlikView Server, because the latter doesn't know about that local directory. In addition to that, that's exactly why Actiuve Directory was invented: AD spans machines and networks and manages access to resources dispersed over an entire network in a uniform way.

Peter.

How to suppress the login input-box when using section access on Accesspoint?