topic Re: DMS Header Authentication - Windows Authentication Prompt in QlikView

DMS Header Authentication - Windows Authentication Prompt

Mon, 26 Jan 2026 18:19:17 GMT

Hello,

I am trying to implement Header Authentication with DMS for a SSO (SiteMinder) implementation. I have followed the documentation I have received and it implements wonderfully on my Windows 7 laptop but having issues with impelmenting on 2008 r2. I have the following configuration:

QVS
- Authentication = DMS
- Prohibit Anonymous
Directory Service - custom only, users have access to accesspoint documents
Web Server - IIS
- Performed install of QV 10 with IIS support which automatically creates application pools and necessary sites
- Authentication (from QEMC)
  - Authentication = Always
  - Type = Header
  - Header Name = 'QVUSER'
  - Prefix = blank

Tested that the DMS / Custom Directory worked by 1st configuring web server to use "Custom Header" type. This required that I modify the Authenticate.aspx authentication configuration in IIS to the following:

Authentication / Authorization works great with the above. So, now I want to move onto header authentication. If I keep the config settings for the Authentication.aspx as above and issue a request from Fiddler with 'QVUSER' header parameter, I breifly see the AccessPoint but am immediately taken to a page that says "Login Failed"

If I re-configure the Authenticate.aspx page in IIS back to it's original Authentication settings (see below) (which is the way it is setup on my Win 7 machine and works great)

I get the following when issuing a Fiddler request with proper header parameter:

I would expect this since "Windows Authentication" is chosen on the Authenticate.aspx page but my question is - how can I utilize a header w/o getting the windows prompt AND not being redirected to "Login Failed" page...

I'm sooo close, I'm just missing something small I'm sure... And the frustrating part is that I can reference my Win 7 machine with same config that works fine...

Thank you for your help,

Ben

Re: DMS Header Authentication - Windows Authentication Prompt

Wed, 23 Jan 2013 08:10:58 GMT

We are having the same issue with QV11 (after migration from QV9), did you solve it for QV10? And you know what your solution was?

Re: DMS Header Authentication - Windows Authentication Prompt

agigliotti — Thu, 28 Feb 2013 14:57:24 GMT

I'm using the latest version of QlikView and I faced the same problem injecting http header QVUSER from Fiddler.

Simple I get the windows asking for username and password !

How can I do to use header authentication ?

Someone can help me ?

Thanks in advance

Best regards

Andrea

Re: DMS Header Authentication - Windows Authentication Prompt

Bill_Britt — Thu, 28 Feb 2013 20:35:14 GMT

Why are you using the Custom DSC? I would think you have to point to your AD so you can assign users to the document. See if this document helps. You just need to be in DMS mode. You don't really need to change anything in IIS.

Bill

Re: DMS Header Authentication - Windows Authentication Prompt

Mon, 01 Apr 2013 05:04:03 GMT

Can you do these settings by using Qlikview webserver i.e. without using IIS.

Re: DMS Header Authentication - Windows Authentication Prompt

Bill_Britt — Mon, 01 Apr 2013 08:00:28 GMT

Yes, they should work with QVWS.

Bill

Re: DMS Header Authentication - Windows Authentication Prompt

Mon, 01 Apr 2013 10:04:21 GMT

Hi Billl,

When I do these settings using QVWS , I get error as 'Login Failed' Any clue where to check?

Sanjay

Re: DMS Header Authentication - Windows Authentication Prompt

Bill_Britt — Mon, 01 Apr 2013 11:36:31 GMT

The setting in the QMC is the same for both Web servers. See the attached document to see if it will help.

Re: DMS Header Authentication - Windows Authentication Prompt

Mon, 01 Apr 2013 12:22:02 GMT

Thanks for the document. It really helps. My requirement is to pass user id (from external authentication program) to Qlikview (via http post method) and then QV access point should show list of applications for which that user is authorized to. Can I achieve this objective though DMS ? No Luck so far. Can you send me required settings in QEMS to achieve this objective? This would be of great help to me.

Re: DMS Header Authentication - Windows Authentication Prompt

Bill_Britt — Mon, 01 Apr 2013 12:40:34 GMT

I'm not sure what you are trying to do. Are you trying to point the user to the AccessPoint? You can try using WebTicket for this.

Bill

Re: DMS Header Authentication - Windows Authentication Prompt

Mon, 01 Apr 2013 12:45:32 GMT

Yes. We are trying to point the users to access point (bypassing the login page since users are already authenticated by external program). How to do this by using WebTicket? Can you share any document with me plz?

Re: DMS Header Authentication - Windows Authentication Prompt

danielrozental — Wed, 03 Apr 2013 13:35:53 GMT

Here's a document that mentions webtickets and the sample code that comes with it.

Re: DMS Header Authentication - Windows Authentication Prompt

Mon, 20 May 2013 11:48:59 GMT

Thanks for the document. I could implement SSO using this document. Facing a small issue now. When I click on any application for the first time, I get windows Security popup asking for userid and pwd. When I click OK (without enetring user id and pwd) it open the application without any problem. How to remove this windows security pop up?

Thanks!

Sanjay

Re: DMS Header Authentication - Windows Authentication Prompt

Mon, 03 Nov 2014 03:51:55 GMT

hi ,

Sanjay ,

how can u resolve it?

Re: DMS Header Authentication - Windows Authentication Prompt

Wed, 05 Nov 2014 17:27:52 GMT

Hi liu,

By any chance, is your problem solved? If so, please could you send me the steps.

Thanks

Re: DMS Header Authentication - Windows Authentication Prompt

Wed, 05 Nov 2014 18:32:31 GMT

Hi Sanjay,

Could you send the steps you followed to resolve your issue?

Thanks

Re: DMS Header Authentication - Windows Authentication Prompt

Thu, 06 Nov 2014 08:04:07 GMT

waiting

Re: DMS Header Authentication - Windows Authentication Prompt

Thu, 06 Nov 2014 15:31:58 GMT

Hi Liu,

we have configured the DMS authentication per SSO document, then when I tried to open the document, through fiddler, I was able to open successfully, wheres as when I tried through my web application, i got error message that "Login Failed".

Let me know if, you have any thoughts on that.

Re: DMS Header Authentication - Windows Authentication Prompt

agigliotti — Mon, 30 Mar 2015 10:09:59 GMT

Hi,

I have the same problem with my web app using web ticketing authentication: trying to open my qvw document the windows authentication comes up with username/password requests.

If I press Cancel the document is being opened correctly.

How can I remove this windows pop-up ?

I'm using QVWS with DMS authentication method.

Below the .net code:

using System;

using System.Collections.Generic;

using System.Linq;

using System.Web;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Text;

using System.Xml.Linq;

using System.IO;

using System.Net;

protected void Page_Load(object sender, EventArgs e)

{

String servernameEST="bi1.mdf.it";

String username = "DB DSP TEN\\LRASPINI";

String groupname = "123456";

string Ticket = btnGetWebTicket(servernameEST, username, groupname);

if (Ticket == "")

{

//ERRORE non c'è ticket

return;

}

str_accpoint = lnkCallAccesspoint(servernameEST, username, groupname, Ticket);

Response.Redirect(str_accpoint);

}

//////////////////////////////////////////////////////

protected string btnGetWebTicket(string servername, string username, string groupname)

{

string gruppi = "";

StringBuilder groups = new StringBuilder();

if (!string.IsNullOrEmpty(gruppi))

{

groups.Append("<GroupList>");

foreach (string group in gruppi.Split(new char[] { ';' }))

{

groups.Append("<string>");

groups.Append(group);

groups.Append("</string>");

}

groups.Append("</GroupList>");

groups.Append("<GroupsIsNames>");

groups.Append("true");

groups.Append("</GroupsIsNames>");

}

string webTicketXml = string.Format("<Global method=\"GetWebTicket\"><UserId>{0}</UserId>{1}</Global>", username, groups);

bool chkAnonymous = false; //true;

string result = CommHelper.Execute(webTicketXml, new Uri("https://" + servername + "/QvAJAXZfc/GetWebTicket.aspx?anonymous=true"), chkAnonymous, 10000);

string Ticket = "";

if (string.IsNullOrEmpty(result))

{

return "";

}

else

{

XDocument doc = XDocument.Parse(result);

if (doc.Root.Element("_retval_") != null)

{

Ticket = doc.Root.Element("_retval_").Value;

return Ticket;

}

if (doc.Root.Element("message") != null)

{

XAttribute xatt = doc.Root.Element("message").FirstAttribute;

return "";

}

return "";

}

protected string lnkCallAccesspoint(string servername, string username, string groupname, string ticket)

{

string docName = "Gestione Tenute";

if (groupname != "")

docName = docName + "_" + groupname;

string txtTry = @"https://" + servername + @"/QvAJAXZfc/opendoc.htm?document=" + docName + @".qvw&anonymous=true&host=QVS@bi1";

string txtBack = "http://connect.mdf.it/Admin/QlikView_Tenute.aspx";

return "https://" + servername + string.Format("/QvAJAXZfc/Authenticate.aspx?type=html&anonymous=true&webticket={0}&try={1}&back={2}", ticket, txtTry, txtBack);

}

public class CommHelper

{

public static string Execute(string question, Uri iAddress, bool anonymous, int timeoutms)

{

try

{

HttpWebRequest client = (HttpWebRequest)WebRequest.Create(iAddress);

if (!anonymous)

{

client.UseDefaultCredentials = true;

client.PreAuthenticate = true;

}

client.Method = "POST";

client.Timeout = timeoutms;

client.AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate;

using (System.IO.StreamWriter sw = new StreamWriter(client.GetRequestStream()))

sw.WriteLine(question);

System.IO.StreamReader sr = new StreamReader(client.GetResponse().GetResponseStream());

return sr.ReadToEnd();

}

catch (Exception)

{

return null;

}

Thanks

Andrea

Re: DMS Header Authentication - Windows Authentication Prompt

Anonymous — Tue, 28 Jul 2015 18:28:30 GMT

I still faces issues when I try logging in using headerauthentication . NTLM works fine.Any one got it fixed