Solved: Re: What is authentication and authorization in se... - Qlik Community

jayaseelan · ‎2016-05-10

Hi everyone,

Please explain the Difference between authentication and authorization.

ankit777 · ‎2016-05-11

Hi

Here is a extract from qlikview reference manual

29.1 Authentication and Authorization

Authentication is any process by which it is verified that someone is who they claim they are. QlikView can

either let the Windows operating system do the authentication, or prompt for a User ID and Password (different

from the Windows User ID and Password) or use the QlikView license key as a simple authentication

method.

Authorization is finding out if the person, once identified, is permitted to have the resource. QlikView can

either let the Windows operating system do the authorization or do the authorization itself. For the latter, a

security table must be built into the script.

View solution in original post

Anonymous · ‎2016-05-10

Hi Jayaseelan,

Maybe this article can help:

Authentication and Authorization

Regards,

-- Karla

Anonymous · ‎2016-05-10

Authentication is the process to verify who the person is. Qlik does not do this. This is usually done with a service that is integrated with Qlik. I.e. Active Directory.

Once authentication is successful the credentials are passed to Qlik. This may be as a username or AD Group for example.

Authorisation is the process that determines what the individual is able to access. Authorisation may be at a

- Feature level. I.e. Access the QMC or not. This is controlled through the Qlik Administrators AD Group.

- Document level. Have permissions to open an application or not. This can be controlled by NTFS permissions or explicit permissions on the application itself.

- Data level. What rows or columns do I have access to. This is controlled via Section Access.

jayaseelan · ‎2016-05-11

Got some idea.Thank you for the explanation.

ankit777 · ‎2016-05-11

Hi

Here is a extract from qlikview reference manual

29.1 Authentication and Authorization

Authentication is any process by which it is verified that someone is who they claim they are. QlikView can

either let the Windows operating system do the authentication, or prompt for a User ID and Password (different

from the Windows User ID and Password) or use the QlikView license key as a simple authentication

method.

Authorization is finding out if the person, once identified, is permitted to have the resource. QlikView can

either let the Windows operating system do the authorization or do the authorization itself. For the latter, a

security table must be built into the script.

williamhold · ‎2019-03-15

Authentication

Authentication confirms who you are. For example, you can login to your Unix server using ssh client, or access the server using POP3 and SMTP email client. Typically, PAM (Pluggable Authentication Modules) is used as a low-level authentication schemes into a high level application programming interface (API), which allows programs that rely on authentication to be written independently of the underlying authentication scheme.

Authorization

Authorization is the process to confirm what you are authorized to perform. For example, you are allowed to login to your Unix server via ssh client, but you are not allowed to browser / data2 or other file systems. Authorization occurs after authentication is successful. Authorization can be controlled at the level of file system or use a variety of configuration options such as application level chroot. Normally, the connection attempt should be good authentication and authorization by the system. You can easily find out why the connection attempts are either accepted or rejected with the help of two factors.

What is authentication and authorization in section access ?