QlikView utilizes cookies to handle AccessPoint sessions. One of the persistent cookies used, stores user credential information.
For more information around QlikView and Cookie usage, please refer to QlikView - Usage of cookies QlikView 12 November 2017
By default, the persistent AccessPoint cookie
stores the login name.
The example output from the Google Chrome debug tools shows that Login
is followed by the domain
QlikView 12.20 (November 2017) and up
QlikView has introduced a setting that can be enabled to remove the user credentials: <add key="UserNameInCookie" value="false"/>
This setting is only available from version 12.00 and up.
- Stop the QlikView WebServer service in the Windows Services console
- Navigate to C:\Program Files\QlikView\Server\Web Server Settings
- Locate and open QVWebServerSettingsService.exe.config in a text editor with administrative permissions
- Find the following section:
<!-- Enforces all cookies are set without containing user name -->
<add key="UserNameInCookie" value="true"/>
- Change true to false
- Save the configuration file
- Start the QlikView WebServer service
- Open the Internet information Service (IIS) Manager
- Open the Default Web Site (or whichever Site QlikView has been configured in)
- In the ASP.NET section open Application Settings
- Click Add... (top right corner, or right click into white space)
- Add a new Application Setting
- Click OK
- Restart the QlikView Application Pool, or reset IIS
Verify that the persistent cookie no longer stores user credentials:
Please note that the WelcomeName
the user ID, but the name the system translates it to, and displays on the AccessPoint in the top right corner as Welcome, NameHere.
This identifier is necessary, but not tied to the name. It can be changed by the user on the AccessPoint in their Favorites & Profile