Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
PierreSeiitra
Partner - Contributor II
Partner - Contributor II
‎2019-02-04 07:39 AM

Windows authentication and QRS API : works only using default credentials

Hi all,

I'm trying to automate application deployment using the QRS Api. Therefore i want to connect to the QRS API with a deployment user  (existing user in the domain and in Qlik)

 

I followed the following example : https://help.qlik.com/en-US/sense-developer/November2018/Subsystems/RepositoryServiceAPI/Content/Sen...

//Create the HTTP Request and add required headers and content in xrfkey
string xrfkey = "0123456789abcdef";
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(@"https://servername.com/QRS/app?xrfkey=" + xrfkey);
request.Method = "GET";
request.UserAgent = "Windows";
request.Accept = "application/json";
request.Headers.Add("X-Qlik-xrfkey", xrfkey);
// specify to run as the current Microsoft Windows user
request.UseDefaultCredentials = true;
// make the web request and return the content
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
Stream stream = response.GetResponseStream();
Console.WriteLine(new StreamReader(stream).ReadToEnd());

 

 I worked well. But when i'm trying to change the user by switching line 

request.UseDefaultCredentials = true;

to something like 

request.Credentials = new System.Net.NetworkCredential(userInfo.Login, userInfo.Password, userInfo.Domain);

 i'm always getting an http 401 response, even when using the exact same login/pass/domain i used to log into the server (should be the same as default credential).

 

Strangely, when trying to access to the QPS API with the same credentials, il works well ...

 

Any ideas/advice how to fix this ?

 

Thanks

Pierre

 

Labels (3)
Labels
2,020 Views
0 Likes
1 Solution

Accepted Solutions
Øystein_Kolsrud
Employee
Employee
‎2019-02-18 09:12 AM

I was finally able to figure this one out. I've also been wondering about this for quite some time. The trick was to add the credential to a credential cache, then pass along the right header in the request. Something like this:

 

var credentialCache = new CredentialCache();
credentialCache.Add(<url>, "ntlm", credential);
request.UseDefaultCredentials = false;
request.Headers[HttpRequestHeader.Authorization] = "ntlm";
request.Credentials = credentialCache;

I really can't give a good explanation for where that "ntlm" constant comes from though, but it seems like it's necessary. If anyone can point to a good site documenting that HTML authentication flow, then I would be happy to read it 🙂

Anyway, I've updated this project so that it now supports this type of authentication as well:

https://github.com/kolsrud/qlik_rest_sdk

Nuget package available here:

https://www.nuget.org/packages/QlikSenseRestClient

 

View solution in original post

1,967 Views
4 Replies
Øystein_Kolsrud
Employee
Employee
‎2019-02-18 09:12 AM

I was finally able to figure this one out. I've also been wondering about this for quite some time. The trick was to add the credential to a credential cache, then pass along the right header in the request. Something like this:

 

var credentialCache = new CredentialCache();
credentialCache.Add(<url>, "ntlm", credential);
request.UseDefaultCredentials = false;
request.Headers[HttpRequestHeader.Authorization] = "ntlm";
request.Credentials = credentialCache;

I really can't give a good explanation for where that "ntlm" constant comes from though, but it seems like it's necessary. If anyone can point to a good site documenting that HTML authentication flow, then I would be happy to read it 🙂

Anyway, I've updated this project so that it now supports this type of authentication as well:

https://github.com/kolsrud/qlik_rest_sdk

Nuget package available here:

https://www.nuget.org/packages/QlikSenseRestClient

 

1,968 Views
Øystein_Kolsrud
Employee
Employee
‎2019-02-25 03:28 AM

In response to Øystein_Kolsrud

@PierreSeiitra: Were you able to try this out? I'm curious to learn if it works in other environments than simply on my machine.

1,946 Views
0 Likes
PierreSeiitra
Partner - Contributor II
Partner - Contributor II
‎2019-09-13 05:50 AM
Author

In response to Øystein_Kolsrud

Hello @Øystein_Kolsrud 

I haven't tried your suggestion yet. I ended up using powershell to remotly execute my deployment tool with the right user.

I'll give a try next time i'll work on this tool.

Pierre

1,766 Views
PierreSeiitra
Partner - Contributor II
Partner - Contributor II
‎2019-09-16 03:28 AM
Author

In response to PierreSeiitra

Hello,

Good news, your fix works fine 🙂

Thanks !

 

Pierre

 

1,729 Views