topic Integration with apache in QlikView

Integration with apache

Mon, 26 Jan 2026 18:19:17 GMT

i am looking to integrate my qlikview server with the apache on the front end . so that when user logon to the websso, he is redirected to accesspoint webpage with auto logon

can you explain me how this all works

thanks

peter

Integration with apache

Bjorn_Wedbratt — Thu, 23 Sep 2010 09:10:10 GMT

Hi Peter,
I guess your Apache isn't part of / joined to the domain so the users authenticated against your SSO are no authenticated Windows users? In this case you need to configure AccessPoint for http header authentication and also set QVS to run in DMS mode. I have no example out-of-the-box, but attached is a document that might give you some clues on the steps required (not covering the SSO solution)

Btw, what kind of SSO are you using on Apache?

Integration with apache

Thu, 23 Sep 2010 09:45:14 GMT

Many thanks for the reply

the first issue i am facing is that once the user logs in using the HTTP header into access point, i have the document access given to a ldap usergroup, how can i resolve the user group basis the user name i get from the HTTP header

i have given the path of LDAP service in the DSC active directory but does not seem to work , i am getting a error " object reference not set to instance of an object"

thanks

peter

Integration with apache

Thu, 23 Sep 2010 21:06:09 GMT

In addition to above we have integrated our websso wih the qvserver, now when the access point portal is called, if no HTTP header is available, it is redirected to websso page and on authentication it is redirected to access point portal but there is no username in the portal page

Ideally it should login in as the HTTP Header but it is not

I have followed all the steps that yo have given in the attached file above but no luck

what is missing there

thanks

peter

Integration with apache

Bjorn_Wedbratt — Thu, 23 Sep 2010 22:16:34 GMT

The AD DSP is for Active Directory only so you cannot use it for a generic LDAP provider. This is due to the schematic in AD is extended with some properties that are Microsoft specific. The DSP for AD will be more generic in v10.

If you want to resolve groups using any other LDAP provider, such as OpenLDAP or similar my guess is that your only way is to write a custom provider. I know there's been one floating around, will see if I can get it for you.

Integration with apache

Bjorn_Wedbratt — Thu, 23 Sep 2010 22:23:12 GMT


csavgssc wrote:
Hi
In addition to above we have integrated our websso wih the qvserver, now when the access point portal is called, if no HTTP header is available, it is redirected to websso page and on authentication it is redirected to access point portal but there is no username in the portal page
Ideally it should login in as the HTTP Header but it is not
I have followed all the steps that yo have given in the attached file above but no luck
what is missing there
thanks
peter<div></div>

Hmm...did you verify the HTTP Header being present when accessing Accesspoint? You should be able to pick it up using Fiddler. What kind of SSO are you using? CAS?

Integration with apache

Fri, 24 Sep 2010 10:35:10 GMT

Hi i tried testing with fillder but it does not work, i tried with the header name QVUSER and on fiddler tried to set filter but it still does not show any username after login

i saw another example on the community which talks about configuration with IIS

This is also not possible in my case as we are using apache

SSO we are using is Clear trust

thanks

peter

Integration with apache

Fri, 24 Sep 2010 11:15:51 GMT

kindly provide me with the custom provider also that is floating around

thanks

peter

Integration with apache

Sun, 26 Sep 2010 14:54:23 GMT

Hi Bjorn

kindly provide us with the info

thanks

peter

Integration with apache

Tue, 28 Sep 2010 13:04:05 GMT

Hi Bjorn

Will appreciate your help on the above issue

Thanks

Peter

Integration with apache

Wed, 06 Oct 2010 14:24:04 GMT

Hi Bjorn,

Can you please be kind to provide us the plugin with which we can resolve the LDAP user groups.

Regards

Peter

Integration with apache

Bjorn_Wedbratt — Wed, 06 Oct 2010 14:32:42 GMT

Hi Peter,
Sorry, been busy lately so I haven't been able to dig into this. The DSP I found didn't resolve groups either so I'm currently looking into the generic LDAP DSP for v10 (got some confirmation it will also work with v9 but more tests are required). Could be worth a shot to look into it so you don't need to develop your won DSP if it is working successfully with groups etc

Regards,
Bjorn

Integration with apache

Wed, 06 Oct 2010 15:08:27 GMT

Hi Bjorn

Many thanks for the reply

You mean to say that we can use the plugin used in V10 for LDAP connectivity in V9.0 also, Then where can i get to download v10

thanks

Peter

Integration with apache

danielrozental — Wed, 06 Oct 2010 18:26:01 GMT

Interesting document but is that really secure?

Wouldn't just about anyone be able to impersonate a user?

Integration with apache

Bjorn_Wedbratt — Thu, 07 Oct 2010 11:05:10 GMT

Hi Daniel,
You're absolutely correct. The document I attached is just a simple way of trying out the http header authentication in Accesspoint and is in no way a full documentation on how to deply a SSO solution. It is the responsibility of the SSO solution (for example Siteminder, MS Federation Services etc) to govern the web site and protect it from unautorized access with a tampered/changed credentials (http headers).

Technically SSO solutions may differ, using encrypted cookies etc, but the idea is the same. If you don't have the correct security credentials (like a specific http-header) when accessing the site, you will be redirected to some kind of authentication authority. If you claim to have the correct credentials they will be verified against the auth authority before gaining access.

Integration with apache

Thu, 07 Oct 2010 14:14:13 GMT

Hi Bjorn

where can i get to download v10 or else can you provide me the plugin file

thanks

Peter

Integration with apache

Wed, 13 Apr 2011 18:34:16 GMT


Bjorn Wedbratt wrote:
If you want to resolve groups using any other LDAP provider, such as OpenLDAP or similar my guess is that your only way is to write a custom provider. I know there's been one floating around, will see if I can get it for you. <div></div>

Hi Bjorn,

I'd be interested in a non-AD LDAP provider, too, if you find it.

Thanks,

P.S. Great Sheldon pic.

Integration with apache

Bjorn_Wedbratt — Thu, 14 Apr 2011 09:05:19 GMT

Hi DJ,
in v10 you can use the Generic LDAP provider supplied with QVS, so you no longer need to write your own custom provider. SR2 will fix some issues with group resolution when using the Generic LDAP so I suggest waiting for the release of v10 SR2, which should be out within a week or so.

Regards,
Bjorn