Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Introducing a new Enhanced File Management feature in Qlik Cloud! GET THE DETAILS!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
gmu
Former Employee
Former Employee
‎2016-11-14 09:05 AM

How to use Windows Authentication (internal AD) for external access

Hello community.

Is there a way to allow internal users stored in an AD, to access the Qlik Sense environment from the extranet (i.e. their homes or mobile devices) without using an authentication mechanism leveraging Web Ticketing (or SAML, or HTTP header)?

For example, could we have a landing web page in the DMZ, on which users will click on a url, which will in turn call the Qlik Sense hub page and use automatic windows authentication, by asking users to enter their internal AD credentials?

If yes, is there a document that describes this process?

Thank you.

Gerasimos.

2,010 Views
0 Likes
3 Replies
shraddha_g
Partner - Master III
Partner - Master III
‎2016-11-15 12:59 AM

You can use qliksense hub outside network with windows authentication.

1,489 Views
0 Likes
gmu
Former Employee
Former Employee
‎2016-11-15 01:06 AM
Author

In response to shraddha_g

Thanks Shraddha.

I am afraid that his will not be possible for reasons such as that having Qlik Sense outside the network (i.e. in the DMZ) would be a security threat, also the AD is located in the internal network, so the QSP (located in the DMZ) needs to reach out to the AD (located in the LAN) in order to do the authentication.

I think that the best approach is the deployment of a Reverse Proxy in the DMZ which is going to re-direct all incoming traffic to an internal Qlik Sense Proxy, which in turn will do the authentication against the AD using Windows Authentication.

Is there any step-by-step document on how to configure Qlik Sense in this kind of scenario (how should the virtual proxy(ies) and the authentication be configured when it will be http header or automatic windows authentication)?

Thanks again.

1,489 Views
0 Likes
shraddha_g
Partner - Master III
Partner - Master III
‎2016-11-15 01:11 AM

In response to gmu

That's correct.

I didn't come across any step by step documentation. But your network team will be able to help you with this

Once you re-direct the traffic to global ip which will help you to access qliksense hub outside network, you will have to whitelist the ip and hostname in virtual proxy section.

1,489 Views
0 Likes