Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi,
We are using qlikview document, which is integrated into a JAVA Portal. So we are having 2 main servers over here -
1. Portal Server
2. Qlikview Server (Where the .qvw document is deployed)
Further, to inform that the single sign on is implemented using webticket.
Now, generally when user login on Portal, he/she can able to access the Qlikview document. However, sometime the user gets Windows Authentication Popup. (5/100 times)
On investigating the same we found that there is some issue with Cookies/Session. Please find the snapshot below. These snap-shots are taken from Client PC -
Cookie Snap-shot for Portal Server
Cookie Snap-shot for Qlikview Server
When we delete the incorrect cookie (marked in RED) the user wont get the Authentication Popup. However, when the incorrect cookie is not deleted and the user logs out and logs in again the Authentication Pop-up comes up.
I am not sure but what I believe is the incorrect cookie is set by calling QvAJAXZfc service (deployed on IIS on QlikView Server) from JAVA Portal.
Questions:
1. How can I avoid creation of incorrect cookie, OR
2. Is there any settings that I have to make on QEMC Server.
Accepted Solutions
How do you have your webticket code formatted? Are you sending along client credentials to IIS? Have you whitelisted the server requesting a ticket from getWebTicket.aspx? Here is a sample webticket aspx page that you can evaluate against your code. Notice that if the whitelist is set up, default credentials do not need to be supplied to IIS because Windows Auth is disabled and Anonymous enabled.
It may help to watch this webinar as well: QVInPractice1_Authorization.mp4 - Google Drive
This page is for solution architects and integration architects implementing web ticketing in a QlikView 11.2 deployment.
Assumptions
- You have added IIS to the Windows Server.
- You have installed QlikView 11.2 with IIS components.
- You know the ip addresses to add to the whitelist.
Instructions
- On the server with QlikView web services installed, Navigate to %ProgramData%\QlikTech\WebServer.
- Open the file named Config.XML in notepad or your favorite text editor.
- Search for the tag labeled
. - Change this tag from the above to
. - In between the opening and closing tags, enter a <TrustedIP> tag. Enter an ip address and add a closing tag. The result appears like this:
- After adding all of the appropriate trusted IP addresses, save the config.xml file and restart the QlikView Settings Service.
How do you have your webticket code formatted? Are you sending along client credentials to IIS? Have you whitelisted the server requesting a ticket from getWebTicket.aspx? Here is a sample webticket aspx page that you can evaluate against your code. Notice that if the whitelist is set up, default credentials do not need to be supplied to IIS because Windows Auth is disabled and Anonymous enabled.
It may help to watch this webinar as well: QVInPractice1_Authorization.mp4 - Google Drive
This page is for solution architects and integration architects implementing web ticketing in a QlikView 11.2 deployment.
Assumptions
- You have added IIS to the Windows Server.
- You have installed QlikView 11.2 with IIS components.
- You know the ip addresses to add to the whitelist.
Instructions
- On the server with QlikView web services installed, Navigate to %ProgramData%\QlikTech\WebServer.
- Open the file named Config.XML in notepad or your favorite text editor.
- Search for the tag labeled .
- Change this tag from the above to .
- In between the opening and closing tags, enter a <TrustedIP> tag. Enter an ip address and add a closing tag. The result appears like this:
- After adding all of the appropriate trusted IP addresses, save the config.xml file and restart the QlikView Settings Service.
Hi Jeffrey,
With your above solution -
1. Disable Windows Authentication
2. Enable Anonymous Authantication
3. Enter a <TrustedIP> tag under %ProgramData%\QlikTech\WebServer\Congig.XML
I was able to avoid the Windows Authantication Popup. But, I still get "Failed to authenticate" popup.
Is it because, I am manually deleting the AccessPointSession from Cookie to test the Windows Authentication?
Hi Jeffrey,
I was able to extract the Webticket implementation from Portal Code. Please find below the pseudo code for same.
Step: 1
Webticket = http://<QLIKVIEWSERVERNAME>/QvAjaxZfc/GetWebTicket.aspx?cmd=<Global method='GetWebTicket'><UserId>QLIKVIEW_USER</UserId></Global>
Step: 2
Webticket = lcXb/KLvZ5trBTtwTxliVcqiZLCsPIKAcQFpSiwt
Step: 3
http://<QLIKVIEWSERVERNAME>/QvAJAXZfc/Authenticate.aspx?type=html&webticket=lcXb/KLvZ5trBTtwTxliVcqiZLCsPIKAcQFpSiwt&try=/QvAJAXZfc/opendoc.htm?document=QLIKVIEWDOCUMENT.qvw&back=
What I observed is, if the portal is remain idle of 10~15 mins then the Failed to authenticate Popup is coming and this happens when the 2nd AccessPointSession is created in Cookie under Qlikview Server.
Now, this 2nd AccessPointSession is created For QLIKVIEWSERVER. Is it possible to avoid creation of 2nd AccessPointSession?
