Solved: Cannot get Section Access to work - Qlik Community

Report Inappropriate Content · ‎2015-10-08

Hi all,

Myself and my organisation are very new to Qlikview and are currently evaluating it before deciding whether or not to buy. One of the deciding factors for us will be security.

I'm trying to implement section access to a test document but I simply cannot get it to work. My script is below (data has of course been scrubbed of anything potentially identifiable to our organisation!)

SECTION ACCESS;

LOAD * INLINE [

ACCESS, NTNAME, SectorName

ADMIN, TP\user1, Sector A

USER, TP\user2, Sector B

USER, TP\user3, Sector C

];

SECTION APPLICATION;

What I would expect here is that TP\user1 can only see data pertaining to Sector A, TP\user 2 to Sector B and so on. Unfortunately, when I either view the report locally on Qlikview desktop or deploy onto Qlikview server, each of these three users can see all sectors.

I have already selected "Initial Data Reduction Based on Section Access" and "Strict Exclusion" within document properties. If I change the script to use USERID and PASSWORD in place of NTNAME, it prompts me when I open the document but no reduction seems to apply. I've also commented out the SECTION ACCESS and SECTION APPLICATION lines to add it as a standard table and can confirm it appears to filter exactly as expected.

I understand that this is probably a really simple question but for the life of me I cannot see what it is that I am doing wrong. If someone could please help it would be much appreciated.

Thanks in advance,

Chris

jonathandienst · ‎2015-10-08

You need uppercase and a small link table to link the SECTORNAME to the SectorName (assumes you have a main fact table called Data):

SECTION ACCESS;

LOAD

ACCESS,

Upper(NTNAME) As NTNAME,

Upper(SectorName) AS SECTORNAME

INLINE [

ACCESS, NTNAME, SectorName

ADMIN, TP\user1, Sector A

USER, TP\user2, Sector B

USER, TP\user3, Sector C

];

SECTION APPLICATION;

Link:

Load SectorName,

Upper(SectorName) AS SECTORNAME

Resident Data;

Logic will get you from a to b. Imagination will take you everywhere. - A Einstein

View solution in original post

maxgro · ‎2015-10-08

try with uppercase values and fieldname

Report Inappropriate Content · ‎2015-10-08

The QlikTech recommends always use Upper case for Field Names section access table. Please try below.

SECTION ACCESS;

LOAD * INLINE [

ACCESS, NTNAME, SECTORNAME

ADMIN, TP\user1, Sector A

USER, TP\user2, Sector B

USER, TP\user3, Sector C

];

SECTION APPLICATION;

Please make sure that SECTORNAME in the data model must be in Upper Case to apply data reduction.

Apart from that, Document Properties --> Opening --> select "Initial Data reduction Based on Section Access"

Report Inappropriate Content · ‎2015-10-08

Thanks, I tried that but now every time I access the document as any other user than the Admin user I get "Access denied to this Qlikview document". Script below:

SECTION ACCESS;

LOAD * INLINE [

ACCESS, USERID, PASSWORD, SECTORNAME

ADMIN, user1, abc, *

USER, user2, abc, SECTOR A

USER, user3, abc, SECTOR B

USER, user4

, test, SECTOR C

];

SECTION APPLICATION;

jonathandienst · ‎2015-10-08

You need uppercase and a small link table to link the SECTORNAME to the SectorName (assumes you have a main fact table called Data):

SECTION ACCESS;

LOAD

ACCESS,

Upper(NTNAME) As NTNAME,

Upper(SectorName) AS SECTORNAME

INLINE [

ACCESS, NTNAME, SectorName

ADMIN, TP\user1, Sector A

USER, TP\user2, Sector B

USER, TP\user3, Sector C

];

SECTION APPLICATION;

Link:

Load SectorName,

Upper(SectorName) AS SECTORNAME

Resident Data;

Logic will get you from a to b. Imagination will take you everywhere. - A Einstein

Colin-Albert · ‎2015-10-08

Both the sectorname field and the data must be uppercase to work with Section Access.

Three golden rules for section access,

Rule 1 UPPERCASE. Rule 2 UPPERCASE. Rule 13 UPPERCASE.

This link may help https://community.qlik.com/docs/DOC-5917

Report Inappropriate Content · ‎2015-10-08

Yes! That did it. Thank you so much for your help