This might not be a specific qlik question but just wanted to seek help from community if anyone has faced similar issue.
We have set up SSO using shibboleth and one of the SP is qlik while another is our java based application.
User is login into Java app (SP2) getting redirected to IDP after authentication redirected back to SP2. In the welcome page of SP2 ,we have embedded qlik sense objects using mashup API (CORS). Now since user is not yet authenticated against qlik (SP1) , with web socket connection , its getting redirected to IDP which in turns redirect entire page to qlik sense after setting SP1 cookie.
If I use IFRAME everything works fine because the redirection and back redirection happens inside iframe and SP1 cookie gets set.
Has anyone encountered similar issues. As of now I have solved this issue by a hidden iframe. but looking for a permanent solution.
For logout if not using SAML in the virtual proxy, specify the authentication module uri and when a user logs out they will be redirected to that web page. For SAML, I believe they would be redirected using an SP-initiated SAML request.