Attached is a downloadable .mp4 video file for those who cannot view YouTube videos.
This video will demonstrate the configuration steps necessary to start using iFrames or Mashups with Qlik Sense Enterprise for Windows.
To begin with, Qlik Sense installs a self-signed certificate by default. This will only be recognized as trusted on the Qlik Sense server itself. Opening the hub from another machine will present a warning.
For this reason, it’s recommended to use a 3rd party certificate on the proxy.
Here in the QMC, proxy settings, in security.
Paste the certificate thumbprint here.
For testing purposes, you can install the root certificate of Qlik Sense directly on the machine you want to test from.
The root certificate from the server machine will need to be installed on the testing machine in the Personal certificates folder.
You can find the thumbprint of that certificate by double-clicking on the certificate,
Go to the details tab, scroll down
And there you will find the thumbprint.
And paste it into the proxy security settings in the QMC
Secondly, a decision should be made about the type of Authentication to use for mashups or iFrame in Qlik Sense.
The recommended method would be Ticket Authentication. It’s a simple process of calling the proxy API to get a ticket and band it to the URL to create a session with Qlik Sense.
JWT, SAML and Header are also good methods of authentication to use, but some considerations apply for each.
Windows authentication is not recommended in the context of iFrame or mashups because changes to security and domain policies can severely impact functionality and also it will not work on non-Windows devices.
The decision depends on your needs. Here is chart outlining those options and providing links to more detailed information.
Next, there is an attribute called SameSite on the cookie settings for modern browsers.
If this is not configured correctly, the browser will reject the cookie for the intended iFrame or mashup.
In the QMC, under Virtual Proxies
A new virtual proxy setting should be created.
The HTTPS attribute must be enabled. This setting will not work with insecure HTTP connections.
And here, it’s recommended to select None, as this will allow the parent website to be from a different domain.
By default this SameSite attribute is set to Lax, which means that the parent website must be on the same domain to be accepted.
Setting this to Strict will prevent mashups or iFrame from working.
If you are running a version of Qlik Sense Enterprise earlier than April 2020,
These attributes must be manually set on the proxy config file, if running one of the earlier releases on this list.
That proxy config file found
under program files > Qlik > Sense > Proxy and the proxy.exe.config file.
The next important setting is the Host White list.
Click to add a new value.
This should be the server that is hosting the new mashup or iFrame.
If this is not set, you might see a 400 Bad Request error in the browser, and the
“Http request Host is not allowed” warning message in the logs.
Finally, when using a multi-page mash-up, moving from one page to another, by default this action will close the session. This would result in losing selections when moving to a different page.
To change this behavior,
First, stop the Qlik Sense Engine Service.
Then open the Settings.ini file with administrator privileges, located in
ProgramData > Qlik > Sense > Engine
Add the EnableTTL=1 setting
And the Session preservation time is recommended to be set to 30 seconds.
Also, as with any setting change, a carriage return must be added after the last line.
I hope this helped.
If you'd like more information
Search for answers using the Unified Search
tool on the Support Portal.
It searches across the Support Knowledge Base,
Qlik Community, Qlik Help site and Qlik YouTube channels.
Take advantage of the expertise of peers, product experts and technical support engineers
by asking a question in a Qlik product forum on Qlik Community
And don't forget to subscribe to the Support Updates Blog.