10 Replies. Latest reply: Apr 11, 2014 10:59 AM by Friedrich Hofmann

    Security issue

    Friedrich Hofmann

      Hi,

      I have one app - with personnel data - that is of course password-protected. There are two logon_tickets:

      - One for myself and the developers (granting full access)

      - One for the rest of the world (granting only viewing)

      <=> This app (the figures contained in this app, that is) is talked about every day at 8am in a special meeting that takes place every day.

      => The manager leading this meeting seemed to be not altogether happy with the fact that they have to enter a password, however simple, to access that data.

      <=> I won't sacrifice security altogether just for a little bit more comfort.

      => My question is: When the app for this meeting is opened, it contains a link opening the HR_app - could I pass the logon_information in some form from this app to the HR_app so entering the username and password is not necessary? (There would be no damage in that since the "regular" users can only view the data.)

      ((=> Alternatively, I will copy that app and in the copy (intended for everybody and specifically for that meeting), I'll just use AutoNumber() to replace all sensitive information so that that app does not have to be protected - but that is tricky and will take a while since the sensitive info should then not be in the DataModel in the first place, so it has to be well thought through.))

      Thanks a lot!

      Best regards,

      DataNibbler

        • Re: Security issue
          Bill Britt

          Hi,

          So you are using section access. Are you publishing the application using QV Server, or are the users opening it with the desktop Client?

          You can solve this by using NTNAME in section access and not USERID.

          Bill


            • Re: Security issue
              Friedrich Hofmann

              Hi Bill,

              yes and yes and no:

              - I am using SECTION_ACCESS.

              - I don't have the QV_Publisher, only a QV_Server

              - The users are opening the app in the Browser.


              NTNAME would be the Windows logon?

              Hmm... could I simplify that a bit and just specify my own NTNAME for ADMIN access and just imply that all others have USER access, without explicitly stating every NTNAME?

              Thanks a lot!

              Best regards,

              DataNibbler

                • Re: Security issue
                  Bill Britt

                  Hi,

                  One thing to remember is that anytime a document is open in Server, everyone is a "User" and no one is an "Administrator".

                  Yes, that would be the Windows login.

                  Yes, you would use something like this:

                  Section Access;
                  LOAD * INLINE [
                      ACCESS, NTNAME
                      ADMIN, YOURUSER
                      USER, ME
                      USER, BOSS
                  ];

                  Section Application;

              • Re: Security issue
                Rupert Cavendish

                I have had a similar problem to this and used a totally different method that provides you with security and availability:

                You create additional columns on the Access table that can be used.

                Create one called SECURE_ACCESS and set it to Y for yourself and N for all others.

                You then put a conditional statement on the sheet of SECURE_ACCESS = 'Y'. This means that those people who are allowed to see the sheet will do so and all others will not.

                You can then go further to give access to a number of sheets by using buttons that would only appear if SECURE_ACCESS = 'Y' and these then make other sheets appear/disappear.

                I hope that this helps - I have used it successfully in the past.

                  • Re: Security issue
                    Friedrich Hofmann

                    Hi Rupert,

                    Of course that would be a possible method.

                    <=> My goal is not to have additional info in the SECTION ACCESS, but to somehow automatically fill the logon_data required by the SECTION ACCESS in the first place - but ONLY when the app is opened via document_chaining from that "morning_meeting_app".

                    @ Bill

                    The idea of using NTNAME for the SECTION ACCESS is good, that would avoid the logon_window. Only it is not sure that morning_meeting is always going to be held using the same user. - Well, I guess that would just be a question of "educating the users" ;-)

                    I'll try that out on a non_sensitive app.

                    Best regards,

                    DataNibbler

                      • Re: Security issue
                        Bill Britt

                        Hi,

                        I would guess education is the key here. You would have to put everyone in Section Access that might need to open the document.

                        Bill

                          • Re: Security issue
                            Friedrich Hofmann

                            Hi Bill,

                            I guess you are right. Educating the users is both very sensible and even necessary - we are now "going Germany" with QlikView and we're probably going to build everything centrally here. There is necessarily going to be a certain personnel_buildup, but that is not going to happen so soon, so I just cannot afford any unnecessary spending of time.

                            Yesterday I spent a few hours actually duplicating the app and hiding personnel_numbers with the AutoNumber() fct. and deleting SECTION_ACCESS from the copy - but tonight I thought, why duplicate an app - that means double work, should any KPI come along to be implemented - which is more than probable. So I will take the copy where I have already used AutoNumber() everywhere and delete the original and then put in SECTION_ACCESS again with NTNAME.
                              => I will test this first and make a copy so I cannot by mistake lock myself out ;-) That is one of the mistakes everyone makes once and hopefully not again ...

                            I also want to use the names - but to be included even in the DataModel ONLY for the HR dpt, so I'll include an OMIT field based on the NTNAME - matching the names to personnel_numbers should be no problem since the AutoNumber() is as a rule only used in the very last and final table - all temp_tables are dropped again.

                            Best regards,

                            DataNibbler
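As an added example (not Bill's, Rupert's or Friedrich's own script), this load script combines the three things discussed above: NTNAME-based SECTION ACCESS without a logon window, Rupert's SECURE_ACCESS flag as a sheet condition, and an OMIT field that keeps the names out of the data model for everyone but HR. The DOMAIN\... accounts, table and field names and the sample rows are placeholders I constructed.

```qlikview
// Added example, not code from this thread. Domain accounts, field names
// and the sample rows are placeholders / constructed values.
// NTNAME replaces USERID/PASSWORD, so users get no logon window. Section
// Access values are compared in upper case, so keep them upper case.
Section Access;
LOAD * INLINE [
    ACCESS, NTNAME, SECURE_ACCESS, OMIT
    ADMIN, DOMAIN\DATANIBBLER, Y,
    USER, DOMAIN\HR.CLERK, Y,
    USER, DOMAIN\MEETING.ROOM, N, EMPLOYEE_NAME
];

Section Application;
// Rupert's flag: SECURE_ACCESS is a reduction field, so with
// "Initial Data Reduction Based on Section Access" (Document Properties >
// Opening) each user keeps only their own Y or N row. Tick "Strict
// Exclusion" there as well, otherwise an account with no matching row is
// not denied but gets the unreduced data.
// Sheets and buttons for the HR view then use the show condition
//   SECURE_ACCESS = 'Y'
SecureAccess:
LOAD * INLINE [
    SECURE_ACCESS
    Y
    N
];

// Final table only: personnel numbers leave the model as AutoNumber() keys,
// as the post above does. EMPLOYEE_NAME stays loaded, but the OMIT row for
// the meeting account removes that field from its data model entirely.
Employees:
LOAD
    AutoNumber(PersonnelNo) as EMPLOYEE_KEY,
    EMPLOYEE_NAME,
    Department,
    Headcount
INLINE [
    PersonnelNo, EMPLOYEE_NAME, Department, Headcount
    100234, Anna Muster, Sales, 1
    100235, Max Beispiel, Logistics, 1
];
```

Test it on a copy first: with NTNAME the account running the reload must itself have an ADMIN row, or the script locks its author out, which is the mistake the post above warns about.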

                              • Re: Security issue
                                Friedrich Hofmann

                                Hi Bill,

                                I have one more problem:

                                => I just tried to switch my SECTION_ACCESS from Username and password to NTNAME

                                <=> Though I have, in the document_properties, on the "security" tab, strictly limited what those persons classified as USER can do - they cannot save nor edit the script, for instance - they seem to be able to do just that.

                                        (Since I don't know any other user who has a Client SW (except my colleague who is not here), I have added myself as USER (after creating a backup copy).)

                                <=> when opening the qvw in the client SW, I can still edit the script, save and "save as".

                                => I have written SECTION_ACCESS like:

                                ACCESS, NTNAME
                                USER, DOMAIN\[name].[family_name]

                                (most users will view the apps in the browser so that their access_rights don't matter anyway, but there might be someone with a client installed)

                                Thanks a lot!

                                Best regards,

                                DataNibbler