DMS Authorization: restrict on "region" based on LDAP field?
I have read all documentation regarding the server and authorization. But one thing remains unclear. How can you dynamically restrict what a user can see if you are using DSC (directory service) like LDAP or a custom authorization table (username, password, region).
Question: is it just like section access, in the sense that if you both have this "region" field in LDAP table and in your application datamodel, that Qlikview QVS will dynamically restrict access?
Or do you need to have a section access table in each QVW with colums (NT username, Region) in which you make te restriction? Can you also make use of groups?
Single Sign on from portal to Qlikview apps, authentication is done via webtickets
•Dashboard needs to show only the data associated with the logged in user from the portal (group/region data is stored in the portal authentication system)
•Access to reporting portal is neededby:
–Customersfromoutside the companynetwork (not in active directory)
Re: DMS Authorization: restrict on "region" based on LDAP field?
Yeah, this seems to be the solution, but I am not very happy with it (this approach by QV ). I hoped that you could have done it without specifying the usernames and "region restriction" in section access for each user.
You can't directly couple the NT group (or some custom directory group) dynamically to a section application field? E.g. you can read NTNAME but not NTGROUP?
in this solution you only use DMS for authentication... (not field value authorization)