Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
PierreSeiitra
Partner - Contributor II
Partner - Contributor II
‎2019-02-04 07:39 AM

Windows authentication and QRS API : works only using default credentials

Hi all,

I'm trying to automate application deployment using the QRS Api. Therefore i want to connect to the QRS API with a deployment user  (existing user in the domain and in Qlik)

 

I followed the following example : https://help.qlik.com/en-US/sense-developer/November2018/Subsystems/RepositoryServiceAPI/Content/Sen...

//Create the HTTP Request and add required headers and content in xrfkey
string xrfkey = "0123456789abcdef";
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(@"https://servername.com/QRS/app?xrfkey=" + xrfkey);
request.Method = "GET";
request.UserAgent = "Windows";
request.Accept = "application/json";
request.Headers.Add("X-Qlik-xrfkey", xrfkey);
// specify to run as the current Microsoft Windows user
request.UseDefaultCredentials = true;
// make the web request and return the content
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
Stream stream = response.GetResponseStream();
Console.WriteLine(new StreamReader(stream).ReadToEnd());

 

 I worked well. But when i'm trying to change the user by switching line 

request.UseDefaultCredentials = true;

to something like 

request.Credentials = new System.Net.NetworkCredential(userInfo.Login, userInfo.Password, userInfo.Domain);

 i'm always getting an http 401 response, even when using the exact same login/pass/domain i used to log into the server (should be the same as default credential).

 

Strangely, when trying to access to the QPS API with the same credentials, il works well ...

 

Any ideas/advice how to fix this ?

 

Thanks

Pierre

 

Labels (3)
Labels
1,748 Views
0 Likes
1 Solution

Accepted Solutions
Øystein_Kolsrud
Employee
Employee
‎2019-02-18 09:12 AM

I was finally able to figure this one out. I've also been wondering about this for quite some time. The trick was to add the credential to a credential cache, then pass along the right header in the request. Something like this:

 

var credentialCache = new CredentialCache();
credentialCache.Add(<url>, "ntlm", credential);
request.UseDefaultCredentials = false;
request.Headers[HttpRequestHeader.Authorization] = "ntlm";
request.Credentials = credentialCache;

I really can't give a good explanation for where that "ntlm" constant comes from though, but it seems like it's necessary. If anyone can point to a good site documenting that HTML authentication flow, then I would be happy to read it 🙂

Anyway, I've updated this project so that it now supports this type of authentication as well:

https://github.com/kolsrud/qlik_rest_sdk

Nuget package available here:

https://www.nuget.org/packages/QlikSenseRestClient

 

View solution in original post

1,695 Views
4 Replies
Øystein_Kolsrud
Employee
Employee
‎2019-02-18 09:12 AM

I was finally able to figure this one out. I've also been wondering about this for quite some time. The trick was to add the credential to a credential cache, then pass along the right header in the request. Something like this:

 

var credentialCache = new CredentialCache();
credentialCache.Add(<url>, "ntlm", credential);
request.UseDefaultCredentials = false;
request.Headers[HttpRequestHeader.Authorization] = "ntlm";
request.Credentials = credentialCache;

I really can't give a good explanation for where that "ntlm" constant comes from though, but it seems like it's necessary. If anyone can point to a good site documenting that HTML authentication flow, then I would be happy to read it 🙂

Anyway, I've updated this project so that it now supports this type of authentication as well:

https://github.com/kolsrud/qlik_rest_sdk

Nuget package available here:

https://www.nuget.org/packages/QlikSenseRestClient

 

1,696 Views
Øystein_Kolsrud
Employee
Employee
‎2019-02-25 03:28 AM

In response to Øystein_Kolsrud

@PierreSeiitra: Were you able to try this out? I'm curious to learn if it works in other environments than simply on my machine.

1,674 Views
0 Likes
PierreSeiitra
Partner - Contributor II
Partner - Contributor II
‎2019-09-13 05:50 AM
Author

In response to Øystein_Kolsrud

Hello @Øystein_Kolsrud 

I haven't tried your suggestion yet. I ended up using powershell to remotly execute my deployment tool with the right user.

I'll give a try next time i'll work on this tool.

Pierre

1,494 Views
PierreSeiitra
Partner - Contributor II
Partner - Contributor II
‎2019-09-16 03:28 AM
Author

In response to PierreSeiitra

Hello,

Good news, your fix works fine 🙂

Thanks !

 

Pierre

 

1,457 Views