Qlik Community

QlikView Publisher

Discussion Board for collaboration on QlikView Publisher.

Announcements
QlikView Fans! We’d love to hear from you.
Share your QlikView feedback with the product team… Click here to participate in our 5-minute survey.
Rules, plus terms and conditions, can be found here.
matteoacn
New Contributor II

Access Point permissions with SSO

HI,

we configured QlikView with SSO Siteminder. (DMS authorization and HTTP header login for Web Server). Now we would like to manage user permissions for viewing files on access point. Could we assign permissions to documents in Documents - User Documents - Authorization? Are recognizable Users from SiteMinder?

Or have we to manage the distribution  - source document (publisher side) only after populating users through configurable ODBC?

There are differences between the two cases?

Matteo


4 Replies
danielrozental
Honored Contributor II

Access Point permissions with SSO

Matteo, yes, you can use siteminder users on the authorization tab, you'd probably need to write it as CUSTOM\USER, depending on what you have configured in the webserver.

If you can't figure it out just set a document to allow all authenticated users and then look at the licenses assignment for the correct syntax on usernames.

Populating the users through ODBC will help you search and add those users without needing to type it, but it will still work if you do just type the names.

matteoacn
New Contributor II

Access Point permissions with SSO

Thank you Daniel,

just another question:

what's the difference between using authorization on the user document and to put the authorization on the source document through a scheduled task created by publisher?

The result obtained is always the same?

Thank you and best regards,

Matteo

garystrader
Contributor III

Access Point permissions with SSO

The result is the same when you set authorization via Publisher (source document) or on Server (user document).

However the username is being passed through the header is how it should appear in the authorization list.  For example, we set up SSO for Salesforce.com, and the users were being passed in email address format, so user@company.com would appear in the DMS authorization list.  Same is true for section access entries.

If you don't want to manually configure every user's authorization, you can set authorization to "All Authenticated Users" and let your SSO process handle the authentication and the authorization.

matteoacn
New Contributor II

Access Point permissions with SSO

With the configurable ODBC only advantage is to have the possibility to manage groups and view users name? Beacuse the user document authentication seems faster and easier .

Community Browser