Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Daniel11
Contributor
Contributor
‎2023-04-18 08:33 AM

/samlauthn 403 untrusted http origin header scheme is not allowed error

Hello!

In february 2023 qlik sense enterprise version, saml don`t work. After authorization on idp, browser redirect to host/virtualproxy/samlauthn and 403 untrusted http origin header scheme is not allowed error in network console. In november 2022 same settings to vp and idp work well.

Has anyone encountered such a problem?

Danilich_qlik_0-1681821182111.png

 

Labels (2)
Labels
1,277 Views
0 Likes
1 Solution

Accepted Solutions
Albert_Candelario
Support
Support
‎2023-06-21 03:30 AM

In response to Daniel11

Hello all,

Thanks for posting.

This seems related to a known defect - QB-19046 that will be fixed in the incoming August 2023 release.

The issue arises, if is indeed the same issue, when the Origin is "null".

I hope this helps.

Cheers,

Albert

Please, remember to mark the thread as solved once getting the correct answer

View solution in original post

1 user say ditto
1,116 Views
5 Replies
Daniel11
Contributor
Contributor
‎2023-04-19 05:40 AM
Author

If you copy the Proxy folder from the November 2022 version and replace the February 2023 one with it, then everything works.

1,222 Views
0 Likes
nvankorlaar
Partner - Contributor III
Partner - Contributor III
‎2023-06-19 09:06 AM

Hi, i am encountering the same issue here. Client is using ForgeRock OpenAM with SAML2.0. The May 2022 version had no issues at all, after upgrading to May 2023 it stopped working with this error.  So far we checked everything, and im seeing the following changes that can possible have effect on this.

QB-14622

Qlik Sense: Header injection redirects into non-existing subdomain

The "Host allow list" in Virtual Proxy settings trusted all subdomains of the given entry. This has been fixed by adding an option for strict validation that only allows the given entry. The new proxy configuration setting "StrictValidateWhitelist" allows switching between the behaviors. The default is set to false (all subdomains trusted). If you need strict validation, enable the setting and restart the proxy.

QB-14363

Qlik Sense: Unencrypted origin trusted by default

Fixed a problem that allowed unencrypted HTTP origin header in Qlik Sense for HTTPS protocol requests.


I don't think it is pefrerable to replace the proxy folder with an older version and get possible compatibility issues due to that.

1,122 Views
0 Likes
Daniel11
Contributor
Contributor
‎2023-06-20 03:19 AM
Author

In response to nvankorlaar

Hi.
Thanks for the info.
QB-14363 - most likely caused the error
QB-14622 - does not help to solve the problem. I tried it on the February version earlier and just tried it on the May version with patch 1.

Replacing the folder is only a debug of the problem, but not a solution to it, of course.

1,105 Views
0 Likes
Albert_Candelario
Support
Support
‎2023-06-21 03:30 AM

In response to Daniel11

Hello all,

Thanks for posting.

This seems related to a known defect - QB-19046 that will be fixed in the incoming August 2023 release.

The issue arises, if is indeed the same issue, when the Origin is "null".

I hope this helps.

Cheers,

Albert

Please, remember to mark the thread as solved once getting the correct answer
1 user say ditto
1,117 Views
LTIAT95
Partner - Contributor III
Partner - Contributor III
‎2024-02-27 07:52 AM

I have the same issue on august 2023 Patch 11. I still see the errror message.

403

Forbidden

Untrusted http origin header scheme is not allowed.

I'm able to login using NTLM, But sso is still not working

Any Suggestion.

317 Views