Qlik Community

QlikView Security & Governance

Discussion Board for collaboration on QlikView Security and Governance.

Announcements
QlikView Fans! We’d love to hear from you.
Share your QlikView feedback with the product team… Click here to participate in our 5-minute survey.
Rules, plus terms and conditions, can be found here.
Not applicable

How to best limit access to a field/column?

If we have a situation where we have have certain fields, for instance customer contact details, that we want to make sure only authorised users are able to access is there a simple way to do this?

From what I have understood of section access you can use OMIT to prevent specific users from viewing specific fields. But as we have multiple users, most of whom would not be permitted to view those fields it seems that can become a bit cumbersome. Is there any way to make it into a whitelist system such that no rows are hidden for any users, but e.g. phone numbers are hidden unless the user is listed as part of the outbound team?

It is assumed that the client application runs in an Ajax environment, some users have CAL access, other are named users, there are multiple fields to restrict and none is to be given access to the restricted fields unless explicitly stated.

How would one solve this problem in a way that is easy to maintain for developers and administrators alike?

Tags (2)
4 Replies

Re: How to best limit access to a field/column?

Yes, to implement section access will need some effort but it is the only way with a single application. If you used however two or more slightly different applications and restricted the access on application-level you could implement such a white-list approach. But it meant more effort to maintenance and system-ressources.

- Marcus

Not applicable

Re: How to best limit access to a field/column?

I do use several applications, although most of them gets their data form a binary load so the access rights can be spread that way (as long as users are not allowed to download the applications that should not be a security issue right?)

I guess setting up OMIT groups as per Qlik Tips: Blocking user access to a field using OMIT would reduce the effort needed to prevent most of the users from seeing a handful of fields, but I assume that means there is no default user privilege and that all users must be assigned to a group or see nothing at all? I guess it's not that bad, only a little bit more job than I had hoped for

Re: How to best limit access to a field/column?

Sometimes it it useful to apply a DUMMY user - http://community.qlik.com/message/481875#481875 - and/or to create a loop or join to assign all users, see this example (it's not really section access but what approach could be done):

t1:

Load 'Dummy' as User Autogenerate 1;

     join

Load distinct Firma From xyz;

concatenate (t1)

Load * Inline [

User, Firma

Hans, 10

Hans, 20

Hans, 30

Sepp, *

....

];

- Marcus

bestofwest
Contributor II

Re: How to best limit access to a field/column?

Encrypt QVD input file.

Community Browser