Qlik Community

New to Qlik Sense

Discussion board where members can get started with Qlik Sense.

schiang79
New Contributor

AWS Application Load Balancer with QlikSense

Has anyone tried setting up the newer AWS application load balancer with QlikSense?  This new load balancer now supports websockets, but i've been running into some issues trying to get it to function properly.  Currently i'm trying to just get it to work simply through the default NTLM authentication method.

This all works fine if I disable NTLM and just allow anonymous.  When it's enabled, right now it get a Qlik 404 error when it tries to send the 4244 NTLM authentication request to the Qlik server.  It doesn't seem to be able to send the request to the appropriate target node even though I only have 1 node in the target group and the default rule sending everything to it.

6 Replies
eclutario
New Contributor

Re: AWS Application Load Balancer with QlikSense

Hi,

Were you able to resolve this? We are trying to setup Amazon Application Load Balancer with Qlik Sense and eventually through its content delivery network service CloudFront.

My AWS architect is stuck at the moment and couldn't make it work.

Cheers

Not applicable

Re: AWS Application Load Balancer with QlikSense

Hi - yes was anyone able to resolve this as I've been trying with an ALB to no avail as well. Would be great to get this working!

schiang79
New Contributor

Re: AWS Application Load Balancer with QlikSense

‌No, I've never gotten this to work using the default NTLM authentication because of the port jump.  What I've heard will work is if you use an alternate authentication that doesn't do the port jump like SAML or header authentication, it will work.  I haven't tried this myself yet.

lcr
New Contributor

Re: AWS Application Load Balancer with QlikSense

Hi,

ALB won't work with Windows authentication as only 443 port is authorized. Using SAML works fine. Don't forget to increase the webscocket timeout (default is 60 seconds) and configure the sticky session in the target group.

schiang79
New Contributor

Re: AWS Application Load Balancer with QlikSense

Couldn't you configure an additional listener in ALB to listen over HTTP(s) over port 4244 or 4243.  Then the windows authentication request from Qlik's port jump would be sent over to the target proxy node.  But I think the same problem still exists if you have more than 1 proxy node behind the ALB.  The jump to port 4244 or 4243 to get to Qlik's NTLM authentication service can still land on the "other" proxy node and not the originating request, causing the login to fail.

asimansari2017
New Contributor III

Re: AWS Application Load Balancer with QlikSense

Hi Steve Chiang‌ : Find Attachment @