Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Not applicable
‎2016-12-12 11:28 AM

How to get the credentials of the current authenticated user to call a REST web service on a separate back-end server?

Hi,

Before I ask my question, here's a bit of context and scenario:

1. My end-users access: https://front-end-qlik-server and are redirected to a login page.

2. They proceed to enter their credentials, submit and are redirected to:

- https://front-end-qlik-server/extensions/ExtensionHome/ExtensionHome.html


3. My site is built on a set of Qlik Sense Extensions between which the user can navigate:

- https://front-end-qlik-server/extensions/Extension1/Extension1.html

- https://front-end-qlik-server/extensions/Extension2/Extension2.html

- and so on...

4. These extensions are mashups that embed Qlik objects and other HTML objects.

5. Data is loaded into the page from Qlik but also from a back-end server (unrelated to Qlik Sense) that exposes web-services.

Data is also posted from the extensions to the web-services.

Now, the problem:

So far I am calling my web services using ajax on the client side, from the JavaScript in my extensions.

These web services need authentication, and right now for development purposes I am using hard coded credentials.

However, I would like to use the Qlik Sense credentials to authenticate the client when calling my web services. (Credentials would be the same for the Qlik Sense server and my back-end server)


  • Could I get the credentials of the current authenticated user from the JavaScript in my extension?


My research so far:

I have explored this type of code in my browser js console that gives me the username :

var userData;

require( ["js/qlik"], function ( qlik ) {

    qlik.getGlobal(config).getAuthenticatedUser(function(reply){

          userData = 'User:'+reply.qReturn;

    });

});

Of course it would be a major security issue to be able to get the password from the browser on the client side.


  • How would experienced Qlik Sense developers deal with this type of situation?
  • Perhaps a REST data connector?
  • But wouldn't data be static and loaded only once?
  • How would I post data to the REST endpoint from the page?
  • Could the credentials for the REST connector be set dynamically?

Sorry for the long description, looking forward to some help.

2,915 Views
1 Reply
Alexander_Thor
Employee
Employee
‎2016-12-12 02:34 PM

We don't have any passwords in Qlik, the passwords are stored in your user management system (most commonly Active Directory) and it's the user directory that authenticates the user, not Qlik Sense.

The easiest solution would be to move your page out from being hosted as an extension and onto a real webserver so you can execute server-side code to authenticate your users both against Qlik Sense but also against any other systems.

1,987 Views
0 Likes