Hello everyone,
We're trying to access Qlik sense from external network through another server that has a published ip (redirects to the Qlik sense server) but this public ip is only accessible through a 3rd party software (iDenProtect) which does authentication, access and single sign on. The hub and the app are working fine but get stuck on the loading screen.
We added all IPs to the whitelist.
we checked the logs when the sheet doesn't open and this is the error message that we found.
Got msg: {"jsonrpc":"2.0","method":"OnClosed","params":{"qSessionState":"SESSION_ERROR_SECURITY_HEADER_CHANGED"}} in webs session 273aea4e-a960-41e0-9801-e53862998c60
17:33:24.452 1211069<tel:1211069>[HttpClient@629769605-235] INFO c.i.u.websocket.SocketHandler - Relaying message {"jsonrpc":"2.0","method":"OnClosed","params":{"qSessionState":"SESSION_ERROR_SECURITY_HEADER_CHANGED"}} for websocket session 5, to /app/a3fffb4d-38b5-43e4-ad53-9723db436098?reloadUri=https%3A%2F%2Fproxy.idenprotect.net<http://2fproxy.idenprotect.net/>%3A9999%2Fsense%2Fapp%2Fa3fffb4d-38b5-43e4-ad53-9723db436098
WebSocket Error: java.nio.channels.ClosedChannelException
This error seems to occur when the 2ndwebsocket connection is created. The two websocket connections are to.
wss://proxy.idenprotect.net:9999/app/a3fffb4d-38b5-43e4-ad53-9723db436098?reloadUri=https%3A%2F%2Fproxy.idenprotect.net%3A9999%2Fsense%2Fapp%2Fa3fffb4d-38b5-43e4-ad53-9723db436098
and
wss://proxy.idenprotect.net:9999/dataprepservice/app/a3fffb4d-38b5-43e4-ad53-9723db436098?reloadUri=https%3A%2F%2Fproxy.idenprotect.net%3A9999%2Fsense%2Fapp%2Fa3fffb4d-38b5-43e4-ad53-9723db436098
The error “SESSION_ERROR_SECURITY_HEADER_CHANGED” is a googlewhack, a google search that only returns one result. It seems to be related to connecting directly to the engine vs via a proxy and/or session sharing.
Hello @dewan_abdullah
SESSION_ERROR_SECURITY_HEADER_CHANGED would basically happens if you have checked the option "Extended security environment" in the virtual proxy settings in the QMC and that something external is changing the header during your session.
The X-Qlik-Security header contains various information such as browser type, client IP, etc. If those information are changed by an external device during the user session, then the X-Qlik-Security header will change and this will cause an error.