Qlik Community

Qlik Sense Deployment & Management

Discussion board where members learn more about Qlik Sense Installation, Deployment and Management.

Announcements
Qlik® Product Spotlight: Discover what’s possible. Get more from our products.
See for yourself. Register today.
Not applicable

The remote server returned an error: (403) Forbidden.

Hi All

I am trying to set up webtickets for our Qlik sense installation. I have a working virtual proxy set up pointing to my authentication application in the cloud.

A request to Qlik via the proxy redirects to auth app.

The app trys to request a ticket from myqlikserver.net:4243/qps/ticket but I get the error message The remote server returned an error: (403) Forbidden.

Is myqlikserver.net:4243/qps/ticket where i should be requesting the ticket from?  Am I missing some part of the process or a setting that needs enabling?

Below if the code used to request the ticket.

private string GetTicket(string user, string method, string ticketinguser, string ticketingpassword, string apiUrl)

        {

            string result = string.Empty;

            XDocument doc = new XDocument();

            try

            {

                string webTicketXml = string.Format("<Global method=\"GetWebTicket\"><UserId>{0}</UserId></Global>", user);

                System.Net.ServicePointManager.ServerCertificateValidationCallback = ((sender, certificate, chain, sslPolicyErrors) => true);

                HttpWebRequest client = (HttpWebRequest)WebRequest.Create(new Uri(apiUrl));

                X509Store keystore = new X509Store(StoreLocation.CurrentUser);

                X509CertificateCollection certs = keystore.Certificates.Find(X509FindType.FindBySubjectName, "QlikClient", true);

                client.PreAuthenticate = true;

                client.Method = method;

                client.ClientCertificates = certs;

                client.UserAgent = "thars-auth";

                client.AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate;

                client.Credentials = new NetworkCredential(ticketinguser, ticketingpassword);

                client.UseDefaultCredentials = true;

                if (method == "POST")

                {

                    using (StreamWriter sw = new StreamWriter(client.GetRequestStream()))

                        sw.WriteLine(webTicketXml);

                }

                StreamReader sr = new StreamReader(client.GetResponse().GetResponseStream());

                result = sr.ReadToEnd();

                doc = XDocument.Parse(result);

                return doc.Root.Element("_retval_").Value;

            }

            catch (Exception e)

            {

                var sb = new StringBuilder();

                sb.Append("<h1>An error occured contacting the Qlik Sense Server</h1>");

                sb.Append("<p>");

                sb.Append(e.Message);

                if (e.InnerException != null)

                {

                    sb.Append("</br>");

                    sb.Append(e.InnerException);

                }

                sb.Append("</p>");

                sb.Append(result);

                sb.Append(Environment.NewLine);

                sb.Append(apiUrl);

                apiURL = apiUrl;

                ContentDiv.InnerHtml = sb.ToString();

            }

            return null;

        }

6 Replies
Not applicable

Re: The remote server returned an error: (403) Forbidden.

Enable MRSProxy

1. Open the Exchange Management Shell. 

2. Run the following command to enable MRSProxy:

Set-WebServicesVirtualDirectory "<ServerName>\EWS (Default Web Site)" -MRSProxyEnabled $true

3. Restart Internet Information Services (IIS) by using the iisreset command.

Disable and then enable MRSProxy

1. Open the Exchange Management Shell. 

2. Run the following command to disable MRSProxy:

Set-WebServicesVirtualDirectory "<ServerName>\EWS (Default Web Site)" -MRSProxyEnabled $false

3. Wait a few minutes, and then run the following command to enable MRSProxy:

Set-WebServicesVirtualDirectory "<ServerName>\EWS (Default Web Site)" -MRSProxyEnabled $true

4. Restart Internet Information Services (IIS) by using the iisreset command.

Add the following line:

request.UseDefaultCredentials = true;

This will let the application use the credentials of the logged in user to access the site. If it's returning 403, clearly it's expecting authentication.

It's also possible that you (now?) have an authenticating proxy in between you and the remote site. In which case, try:

request.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials;

Not applicable

Re: The remote server returned an error: (403) Forbidden.

As far as I am aware Qlik snese is not running on IIS in our installation. I think it is running on the built in webserver.

gainkarthi
Valued Contributor

Re: The remote server returned an error: (403) Forbidden.

Where do you have your authentication application deployed ?

Not applicable

Re: The remote server returned an error: (403) Forbidden.

Hi Karthikeyan currently the Authentication site is hosted as an Azure Web Application. Qlik sense is deployed on an Azure Virtual Server

gainkarthi
Valued Contributor

Re: The remote server returned an error: (403) Forbidden.

Got it. Can you share the Virtual proxy and Proxy configuration settings ?

Not applicable

Re: The remote server returned an error: (403) Forbidden.

Here are the settings of the proxy

proxy.PNG

and the linked virtual proxy

vproxy.PNG

Community Browser