QLIKVIEW SECURITY (Security tab is hidden in script editor)

In QlikView it is possible to restrict the privileges of a qv document for a user from the Document Properties->Security and the Sheet Properties tab: Security pages. The above settings can be set for a user by logged in ADMIN user. The user identity and password needed for opening above security set qv document are specified in the load script(usually hidden) and will show up in the log file if you allow QlikView to generate one. However, if having the user access in the hidden script, the log file will not give away any login information. The Hidden Script button opening the hidden script is found in the Edit Script dialog.

Sample Script:
section access; load * inline [ UserID,DEPT,Access John,FINANCE,Admin ANN,IS,Admin Peter,SALES,User Ben,TECH,User ] ; section application; star is *; Load * inline [ DEPT,CostCenter FINANCE,* IS,5020 SALES,5030 TECH,5040 ] ;

The field DEPT now exists with the same UPPERCASE name in both section access and section application. All field values are also UPPERCASE. The two fields would normally be totally different and separated, but if Initial data reduction based on section access has been checked, the following will result: John may see data for all cost centres Ann may only see data for cost centre 5020 Peter may only see data for cost centre 5030 Ben may only see data for cost centre 5040
--------------------------------------------------------------------------------------------------------------

If you are trying to control what users have access to your documents, just create user group(s) in your Active Directory, then under QEMC Documents Authorization tab add the users/groups you want to have access to the document. AccessPoint will only display the documents to a user that has been authorized to see them. It is very straightforward. -------------------------------------------------------------------------------------PODCAST (Answer sharks): -Implementing security in QV is done in many ways1.Section Access Security: Method1: Using section access in the script, the section access acts as gate keeper when user try to access that dashboard. If you want to give authorization to only specific qv objects then we HAVE TO USE SECTION ACCESS. -To give authorizatin to only specific ROWS then this method is best.(can also be done by publisher) -If there are lot of users, u can use section access to load those users data from db,csv,excel into qv.(can also be done by publisher) -If you want to provide same security to multiple dashboards then section access is eazy and less maintenance.(can also be done by publisher). 2.Publisher Security: -Instead of script being included in the dashboard, the publisher will and apply security settings to the doc while sending doc to server. -If Active directory groups is used by client then this is best option. -This option is good FOR VERY LARGE DASHBOARD IF WE WANT TO GIVE ACCESS TO SPECIFIC DATA IN DASHBOARD.This is called DYNAMIC DATA REDUCTION.If we do this using section access we have to load this big dashboard in memoery of QV Server which many have billions of records, which is not good. So, this scenarios should be used using publisher security. The publihser will create mini dashboards(by splitting large dashboard) as per each user authorization and load that mini dash in QV Server. So finally server RAM contain only small dash(having less records) which user have access. so, we saved the RAM memory and also response time to access records in the small dash is very fast. -It is better for large dashboards. ----------------------------creating section access in the script---> -In the script the security section is called SECTION ACCESS and non-security section is called SECTION APPLICATION.

Rules of Section Access: 1.All of the text in the section access script should be FULLY CAPITALIZED WHEN THE SCRIPT IS EXECUTED-Only the script is capitalized. The data coming in through the script is not capitalized and can come in mixed case. Therefore Best practice is user the UPPER() function around every column loading in from a load statement. eg- upper(ACCESS) AS ACCESS, 2.We cannot view or access(even from section application) any Tables or data in SECTION ACCESS. The tables we define here are used by QV system only.