Qlik Community

QlikView Security & Governance

Discussion Board for collaboration on QlikView Security and Governance.

Announcements
QlikView Fans! We’d love to hear from you.
Share your QlikView feedback with the product team… Click here to participate in our 5-minute survey.
Rules, plus terms and conditions, can be found here.
Not applicable

Close session and prevent user from opening the document

We use QlikView embedded to our software site and authentication is done by our software. User session is given a WebTicket that opens the document for the user with OpenDoc.htm.

If the user logs out of our software, but then types in the OpenDoc.htm URL that was used to retrieve the document to the site, they are still able to open the document (https://domain.address.com/QvAJAXZfc/opendoc.htm?document=DocumentName.qvw&host=QVS%40qvtest11 for example) This is a small security issue we try to remove.

Is there an API command we could use that would end the session completely? Has someone build a similar solution?

-Henry

1 Reply
Employee
Employee

Re: Close session and prevent user from opening the document

Hi,

This is an issue with IE remembering the users login information. If the user closes IE then the ticket is also closed and the user can't get to the URL without getting a new ticket.

Bill

Community Browser