Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Not applicable
‎2017-10-12 08:06 AM

How to authenticate ldap users to allow them to login into QSHub?

Hello everyone,

I am setting up a Qlik Sense installation to learn and discover its features.
I am having trouble allowing users to authenticate and log into QSHub.
I set up an ldap connector, and I successfully uploaded my ldap users to QMC, I can see all the users in the users panel of the console.
I realized that you can't authenticate via QMC or QH itself, but I didn't understand how to authenticate them.
I tried to give an user a token, but it didn't work.
I created a virtual proxy with different type of authentication methods, I firstly tried with ticket (but it seems a windows-related feature, so I gave up), and I am now trying header authentication, but I honestly don't know what to do.


I want some users from my ldap to be able to login into Qlik Sense Hub with their ldap credentials (and if that's not possible I just want them to be able to authenticate and log into the hub being able to track their activity).
What do I have to do? Please explain as much detailed as possible. A step by step guide would be great.


NOTE that I do not have access to the internet from the server where Qlik Sense is installed on.

3,268 Views
0 Likes
6 Replies
Vincenzo_Esposito
Employee
Employee
‎2017-10-13 07:41 AM

Ok to create a virtual proxy and use the ticket authentication, but you also need to create an authentication module which verify the user identity this project on branch can help Qlik Branch

2,572 Views
0 Likes
Not applicable
‎2017-10-16 03:43 AM
Author

In response to Vincenzo_Esposito

That's not enough detailed for me, could you guide me into the configuration of "QlikLogin"?
I downloaded it, properly configured the QMC part.
I created a virtual proxy called "ldap login page"
Attaching a screenshot showing vp settings:

https://imgur.com/kdpM6OQ

8084 is the port configured in "config.js"


Here another screenshot showing how I am exporting certificates:
https://imgur.com/JGamGdx

No password set, nor secret key.
Copied all the exported files into the folder.

I attached the virtual proxy to the only node I have (central).

The problem probably comes from the "config.js", I am not sure about the params I entered.. here another screenshot:

https://imgur.com/iLi5nmq

I launch "QlikLogin.bat" and enter in my browser's URL "https://oralab205w(computername):8084" and I can succesfully see the login page: https://imgur.com/4RA7Krb
But, no matter which credentials I use, I get rejected with the following error:

https://imgur.com/wbrRa6R

TypeError: options.url ^ options.socketPath (String) required  
at Object.createClient (C:\Users\qlik\Downloads\Qliklogin-master\node_modules\ldapjs\lib\client\index.js:47:13)
at C:\Users\qlik\Downloads\Qliklogin-master\indexauth.js:79:22  
at Layer.handle [as handle_request] (C:\Users\qlik\Downloads\Qliklogin-master\node_modules\express\lib\router\layer.js:95:5)
at next (C:\Users\qlik\Downloads\Qliklogin-master\node_modules\express\lib\router\route.js:131:13)
at Route.dispatch (C:\Users\qlik\Downloads\Qliklogin-master\node_modules\express\lib\router\route.js:112:3)
at Layer.handle [as handle_request] (C:\Users\qlik\Downloads\Qliklogin-master\node_modules\express\lib\router\layer.js:95:5)
at C:\Users\qlik\Downloads\Qliklogin-master\node_modules\express\lib\router\index.js:277:22
at Function.process_params (C:\Users\qlik\Downloads\Qliklogin-master\node_modules\express\lib\router\index.js:330:12)
at next (C:\Users\qlik\Downloads\Qliklogin-master\node_modules\express\lib\router\index.js:271:10)
at C:\Users\qlik\Downloads\Qliklogin-master\node_modules\body-parser\lib\read.js:129:5

Am I missing something with node.js or ldapjs?
Can someone further explain me what am I doing wrong and what can I do to make it work?

2,572 Views
0 Likes
Not applicable
‎2017-10-18 08:12 AM
Author

In response to

I am not that good in js, but to me (in indexauth.js, https://imgur.com/PhPp9g9) it looks like that the credentials used to login are the credentials used to query the LDAP, but this wouldn't be possible cause there's only one user (called LDAPReader) with the permissions to query LDAP.
Isn't there any other solution that would allow me to authenticate with LDAP credentials?

2,572 Views
0 Likes
tanvi_madan1
Partner - Contributor III
Partner - Contributor III
‎2017-12-11 06:36 AM

In response to

Hi Roberto,

Did get any resolution for this as i am also facing same issue??

My LDAP user directory connector is Operational and able to view users in QMC but not able to logged into Hub.

Regards,

Tanvi

2,572 Views
0 Likes
sergiorey
Partner - Creator
Partner - Creator
‎2018-09-26 10:57 AM

In response to tanvi_madan1

Hi Roberto, Tanvi.

I am currently in the same situation. I was able to synchronize users against the LDAP (OpenLDAP) but not able to authenticate users against the LDAP so as to access to the Hub.

Did you get any resolution for this?

Thank you very much.

Regards,

Sergio.

2,572 Views
0 Likes
nixpeng24
Contributor
Contributor
‎2020-09-29 01:33 AM

In response to sergiorey

Hi Sergio,

I'm currently in the same situation with you.

Do you get any resolution for this?

Thank you very much.

 

Regards,

Nix.

1,426 Views
0 Likes