Skip to main content
Announcements
Global Transformation Awards! Applications are now open. Submit Entry
cancel
Showing results for 
Search instead for 
Did you mean: 
elva_lester
Contributor III
Contributor III

Using a Session Cookie with Repository API

I have a .NET MVC web application that requires SSL.  I am able to successfully access the Proxy Service to obtain a session ID and store it in my forms authentication cookie to allow for single sign-on.  I am able to display a specific app or sheet within an iframe by simply specifying the URL.  Instead of hard-coding the GUIDs for the apps and sheets, I would like to use the Repository Service to get a list of available apps and sheets.  Whenever I call qrs/virtualproxy/app/hublist, I get the html for the login screen returned.  I have tried adding various headers, but can't seem to find the right combination.  Here's my code:

public string GetAppList(string method, string server, string virtualProxy, string user, string userdirectory, HttpCookie session)
{
string url = server + "/qrs/" + virtualProxy + "/app/hublist";

//Create the HTTP Request and add required headers and content in Xrfkey
string Xrfkey = "0123456789abcdef";
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url + "?Xrfkey=" + Xrfkey);
request.Method = method;
request.Accept = "application/json";
request.ContentType = "application/json";
request.Headers.Add("X-Qlik-Xrfkey", Xrfkey);
request.Headers.Add("X-Qlik-User", "UserDirectory=" + userdirectory + ";UserId=" + user);
request.Headers.Add("X-Qlik-Virtual-Proxy-Prefix", virtualProxy);

// make the web request and return the content
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
Stream stream = response.GetResponseStream();
return stream != null ? new StreamReader(stream).ReadToEnd() : string.Empty;
}

Basically, I want the call to work like the .NET SDK command location.AsExistingSessionViaProxy(sessionCookie.Value, sessionCookie.Name).  Is this possible?

Thanks.

1 Solution

Accepted Solutions
elva_lester
Contributor III
Contributor III
Author

Thank you.  That definitely was part of my problem.  The other thing I needed to do was to add the Session cookie to the request as follows:

request.CookieContainer = new CookieContainer();

request.CookieContainer.Add(new Uri(server), new Cookie(session.Name, session.Value));

View solution in original post

17 Replies
konrad_mattheis
Luminary Alumni
Luminary Alumni

Hi Elva,

yes this should be possible. You have to extract the cookie out of the response.

bye Konrad

elva_lester
Contributor III
Contributor III
Author

Yes, I am able to extract the cookie, but I cannot get the qrs request to use it.  I tried request.Headers.Add("X-Qlik-SessionId", session.Value);  where the variable session is the cookie.

grangerats
Partner - Contributor III
Partner - Contributor III

Hi,

  If you're trying to get to the QRS Api via a Virtual Proxy, you appear to be using the wrong path. It should be /{virtual-proxy-prefix}/qrs/...  E.g. /virtualproxy/qrs/app   or    /virtualproxy/qrs/app/full   or   /virtualproxy/qrs/about/api/description   With that, you can use whatever AuthC your Virtual Proxy is setup to use.

elva_lester
Contributor III
Contributor III
Author

Thank you.  That definitely was part of my problem.  The other thing I needed to do was to add the Session cookie to the request as follows:

request.CookieContainer = new CookieContainer();

request.CookieContainer.Add(new Uri(server), new Cookie(session.Name, session.Value));

dmohanty
Partner - Specialist
Partner - Specialist

Hi elva.lester‌, grangerats‌,

I have a similar requirement to get the active SMSESSION cookie for an application in Access Point. Once I can capture that, I have to pass the same as one of the header and x-api-key as another to call the URL (HTTP request).

Any suggestion here how to capture that SMSESSION cookie (or all cookie of that page) using VBScript or JScript in Qlik?


Regards!

dmohanty
Partner - Specialist
Partner - Specialist

Hi elva.lester, grangerats


Any possible help on my request please?


Regards!

grangerats
Partner - Contributor III
Partner - Contributor III

Not enough information, and what's there appears to be jumping between many different products. Sounds like only a small portion of it has anything to do with Qlik Sense. And, finally, it sounds like a completely new topic; ask a new question (not on this question) and supply more detail.

dmohanty
Partner - Specialist
Partner - Specialist

grangerats

Thank you for suggestion

I have a thread already created here -

Generate a user specific SMSESSION cookie calling a WebService

To simplify more -

  • Fetch the SMSESSION cookie from the login browser (may be using a Macro). Store in variable or notepad.
  • Use this SMSESSION as one of the header input and X-API-KEY as another input to call the URL (HTTP Request)

GET https://iri1lvu09j.execute-api.us-east-1.amazonaws.com/oe_stage/api/v1/token-generator/generate?user...user’s login id

Content-Type: application/json


User – User’s Log in id


UUID -  cb6d61da-1eb4-4827-bc32-fb2a71f15f8b (It is just a unique transaction tracking identifier.  We can use whatever you want to generate it and can be any format.  It will be part of the API logs we can find it in Splunk. It should be unique per request.  It will accept the same one on multiple calls and does not do duplicate checking.)

amien
Specialist
Specialist

@elva.lester

Just wondering. .why dont you use the SDK for extracting all the apps and sheets indeed of adding de API solution?