topic Re: Qlksense extensions Authentication in App Development

Qlksense extensions Authentication

marco_puccetti — Tue, 09 Feb 2016 10:48:55 GMT

Hello i need to let auto-authenticate users in order to access to a mashup application on a qliksense server, is it possible using any available API?

I can't find usefull example!!

Thanks

Marco

Re: Qlksense extensions Authentication

marco_puccetti — Tue, 09 Feb 2016 11:32:58 GMT

I have tried to disable the windows authentication accessing the menu showed below:

But when i open the application i get this error: NoAvailableAccessType

What can i do to avoid this request during the first access to the application?

Thanks

Marco

Re: Qlksense extensions Authentication

marco_puccetti — Mon, 15 Feb 2016 10:10:31 GMT

I have created a rule in the login access rule section as reported below:

but when i access the application i get this error: NoAvailableAccessType.

Have i to adjust any settings?

Thanks

Marco

Re: Qlksense extensions Authentication

marco_puccetti — Tue, 16 Feb 2016 14:14:12 GMT

Hello i explain better my question, i have installed on an server a mashup application and i need to reach it from an external machine.

As written above i have configured the proxy to allow anonimous access, and trying to access locally it works, but if i try to reach it from an external machine i need to insert the remote machine credential.

Is it possible to avoid this?

Using specific API or similar?

Thanks

Marco

Re: Qlksense extensions Authentication

marco_puccetti — Wed, 17 Feb 2016 16:44:31 GMT

I still have this error

Although i have also configured the proxy white list in order to allow the external machines to access the qliksense application (in this case the win-3a5sokhjrtn😞

Anyone can answare my question?

Thanks

Marco

Re: Qlksense extensions Authentication

marco_puccetti — Wed, 24 Feb 2016 14:24:04 GMT

I have read the Authentication API: Authentication API ‒ Qlik Sense, but i have not well understood the mechanism that i have to use to integrate the authentication process in my ASP.Net application pages, in order to send the credential directly to the qlik server authentication module and avoid the https windows uthentication login window, if is it possible.

Thanks

Marco

Re: Qlksense extensions Authentication

Thu, 25 Feb 2016 07:07:47 GMT

hi i am also troubleshooting same issue marco if u got any solution please add this thread only

Re: Qlksense extensions Authentication

marco_puccetti — Thu, 03 Mar 2016 14:54:53 GMT

I have made further tests and get this error in the log file "Server_Reository.txt":

315

2.1.1.0

20160303T154142.508+0100

ERROR

qlik-test

8f25aa4e-67c4-4830-ab64-f7a2a864e9ef

Command=License user access;Result=403;ResultText=Error: Access denied

ac2177e6-88a0-4e84-9be9-9369218d3dad

8a2ce938-a9ce-4b04-be92-d5135379e7fb

NONE

anonymous2b551027-cd23-4a89-ace9-051c28aaa419

Not available

Repository

AppAccess

/qrs/requestaccesstype

License user access

403

Login access denied for SessionID: 'ac2177e6-88a0-4e84-9be9-9369218d3dad', Hostname: "172.16.11.106", OperationType: 'UsageDenied'

8f25aa4e-67c4-4830-ab64-f7a2a864e9ef

Perhaps it depends on this elements to be reallocated but how can i do this?

Thanks

Marco

Re: Qlksense extensions Authentication

Michael_Tarallo — Thu, 03 Mar 2016 15:32:03 GMT

Hello Marco, adding an some eyes to this.

swr‌ - can you take a look at this discussion?

Thanks

Mike T

Qlik

Re: Qlksense extensions Authentication

Stefan_Walther — Thu, 03 Mar 2016 15:52:40 GMT

Yep, take it, have to double-check and will come back with an answer resp. asked colleagues in R&D to come back to you.

Regards

Stefan

Re: Qlksense extensions Authentication

Fredrik_Lautrup — Fri, 04 Mar 2016 10:54:34 GMT

If I would do this setup I would

On a virtual proxy I would choose the option "Always anonymous" under the authentication tab.
You need to add your web server name to the "Web socket origin white list"
I would create a login access rule that grants only anonymous users access tokens from this pool. I think your rule should work but there are other ways to detect anonymous users that you could test. All anonymous users belong to the userDirectory=NONE so a rule like user.userDirectory="NONE" or a rule like user.userID like "anonymous*" should also do the trick.
In the development of the mashup make sure you use the virtual proxy in the links

From reading the thread it looks like this is the setup you are aiming for? is this correct?

Is your mashup based on iframes or div tag integration?

Re: Qlksense extensions Authentication

marco_puccetti — Fri, 04 Mar 2016 15:03:05 GMT

I have added the user.userDirectory="NONE" and now the "InvalidAccessType" error.

But i need to avoid this error due to the ssl connection (in practice is it possible to bypass this? The application in which the extensione is integrated is using iframe).

Thanks

Marco

Re: Qlksense extensions Authentication

marco_puccetti — Mon, 07 Mar 2016 13:42:06 GMT

I have tried to export certificate from the qlik server and import it on the client machine using this utility:

But now i get the "NoAvailableAccessType" Error.

How can i solve this?

Thanks

Marco

Re: Qlksense extensions Authentication

marco_puccetti — Mon, 07 Mar 2016 15:10:32 GMT

Now, i have removed the client, server and CA certificates on the QlikSense server, after this i have changed the proxy authentication to "Always Not Anonimous", in this case i can't access the qmc.

How can i do?

Marco

Re: Qlksense extensions Authentication

marco_puccetti — Fri, 11 Mar 2016 12:01:04 GMT

I have reinstalled the qliksense server and tried to let access to qmc using certificate but i have noticed this:

If i export the certificate using the qmc certifcate it doesn't work.

Thanks

Marco