Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
Not applicable

Header authentication with PHP

Hi,

I'm attempting to implement Header Authentication. So does anyone have some PHP code for injecting headers then redirecting to https://qlikserver/HeaderProxPrefix/Hub?

cURL injects but doesn't redirect rather return the content.

Header() injects headers and redirects but seems omitting headers when redirecting.

My two headers are the cross-site key (XrfKey) and the header name.


Thanks,

Amir.

9 Replies
Not applicable
Author

Amir,

I think the issue is you are performing a redirect.  You need to create a new httprequest and add the headers.  From there you want to capture the response and output it to the browser.

I don't know a lot about php, but the concept is the same as it is with asp.net or using something like Postman to test.

The thing you need to remember is to supply a cert in the request as well or the connection won't be trusted and you may not be able to get the proper response in code.

jg

Not applicable
Author

Thanks Jeff. This is exactly what I am doing, retrieving the content, but that doesn't retrieve the css from resources folder in Qlik.

Here is my php code:

<?php $request = new HttpRequest('https://QlikServer/Prefix/hub?Xrfkey=abcdefg123456789', HttpRequest::METH_GET);

$request->setHeaders(array('X-Qlik-Xrfkey' => 'abcdefg123456789','CMI_Header' => 'CMI\U1'));

$request->setOptions(array('redirect' => 10));

echo $request->send()->getBody(); ?>

Above script inserts U1 to Users section in QMC. So that's why I don't think it may not be a certificate issue.
My script also returns response pointing to Qlik resources like: http://reverseProxy/resources/assets/hub/hub.css, thus returning error (below screenshot). While hub.css exists in http://QlikServer/resources/assets/hub/hub.css. That's why I thought returning html content only (getbody() in above script) isn't correct.


If I replace above URL with https://www.google.com it retrieves google's site html content (without pics though). If I put the URL https://QlikServer... directly to chrome it redirects to Qlik Hub.

So any code in ASP.net for this?

Many thanks.

Amir.

Not applicable
Author

Does it have something to do with your reverse proxy?  The request address for the css file, is that ip of the Sense server?

In addition, I'd look at your getBody function.  I don't think you want to do that.  You want to get the whole response so you need to reference it from the httprequest class in php instead of httpmessage.

http://php.net/manual/en/class.httprequest.php

But I think you need to test without your reverse proxy first to see if your code works.

jg

Not applicable
Author

The IP .128 is the server where my above php code is running (proxy server, not Qlik server).

My above code inserts users to QMC user list, but doesn't seem to return full page contents (css, png, etc.).

I didn't find in the httpRequest class (neither in cURL or Header()) a function to return the whole response, rather only the message. SetOptions: PHP: Request Options - Manual.

That's why I thought maybe someone knows a function in some php, asp.net, etc that does it.

Thanks,

Amir.

Not applicable
Author

Amir,

Here is a link to a sample page in .net.  It gets the ticket and then it does a response.redirect to the hub with the ticket appended.

https://www.dropbox.com/s/fgckbwj5hvqp4ak/tickrequest.aspx?dl=0

Not applicable
Author

Thanks Jeff! Very informative code. I see one button to request for ticket (with header), and another button to redirect with a sole URL parameter (no headers). I am looking for SSO with header authentication. So do I use your code as:

HttpWebRequest request = (HttpWebRequest)WebRequest.Create(
"https://QlikServer/Prefix/hub?Xrfkey=abcdefg123456789");

            request.ContentType = "application/json";

            request.Method = "POST";

            request.Accept = "application/json";

            request.Headers.Add("X-Qlik-Xrfkey", "0123456789abcdef");

            request.Headers.Add("CMI_Header", "CMI\UI");         

            HttpWebResponse response = (HttpWebResponse)request.GetResponse();

        Stream stream = response.GetResponseStream();

            return stream != null ? new StreamReader(stream).ReadToEnd() : string.Empty;

If so, how do I redirect then to the hub or how do I display the response back from the hub to the browser after returning the stream? Sorry I am not expert in ASP.net.

Thanks,

Amir.

Not applicable
Author

I think instead of redirecting to the hub, you output the response to the browser.  You are already creating a request to the hub with the headers, therefore, you should get a response letting you in.  I'll have to play around with it to give you an updated sample. You have to make sure to include the certificate in the request.

jg

Not applicable
Author

I appreciate it. Looking forward for it.
Side question: How do I include the certificate in the request? I tried your code and the CertificateFoo is null.

Not applicable
Author

If you are getting null response on the certificate it means that the certificate lookup in the code is not finding the specified certificate to include in the request in your cert store.

I have my QlikClient cert in the personal folder of the local machine store.  You may not have the cert imported which is something you will want to do.  If you do, maybe it is in personal folder of current user store.  If that is the case you will want to change the reference in the cert lookup to point to Storename.CurrentUser.

jg