Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
jp_golay
Partner - Creator II
Partner - Creator II

Virtual proxy password

I can't understand where we set the password using a rest connection to a Virtual Proxy using " Header authentication dynamic user directory"

In the rest query I add the proxy prefix, then add the header like this

And the query get executed sucessfully without to ask any password ???? I miss something or it's enough to know the conn/username

Thanks JP

ebiexperts CTO
With WIP, Control everything!
Qlik Sense, QlikView and NPrinting Source control, Versioning and Deployment, Agile Lifecycle Management
4 Replies
konrad_mattheis
Luminary Alumni
Luminary Alumni

Hi Jean-Philippe,

the idea behind a header authentification is that you are injecting the right person, and the system is trusting you.

This is only working id the user con not inject the authentication header itself. So you need an apache / nginx,.. before who is taking care of that.

bye

Konrad

daniel_peger
Partner - Contributor III
Partner - Contributor III

Hi,

as Konrad already said, With header authentication there is no password. One adds the authentication headers containing username and user directory to the http requests and is "authenticated" as this user without any further action needed/possible.

I did always think of this authentication method to be useful for debugging but not for production environments. With browser extensions like Modify Headers for FireFox you can easily add the required headers to your browser's requests and impersonate any user...

Best regards

jp_golay
Partner - Creator II
Partner - Creator II
Author

So what we need is a way to authenticate against a virtual proxy

In a production environment how can we achieve that?

For the moment we only have used windows ad but other customers will want others way to trustly authenticate

Thanks for your help

Jean-Philippe Golay

ebiexperts

jp.golay@ebiexperts.com

+41 79 647 2723

Le 18 déc. 2015 à 14:27, Daniel Peger <qcwebmaster@qlikview.com> a écrit :

Virtual proxy password

reply from Daniel Peger in Qlik Sense - Integration, Extensions and APIs - View the full discussion

Hi,

as Konrad already said, With header authentication there is no password. One adds the authentication headers containing username and user directory to the http requests and is "authenticated" as this user without any further action needed/possible.

I did always think of this authentication method to be useful for debugging but not for production environments. With browser extensions like Modify Headers for FireFox you can easily add the required headers to your browser's requests and impersonate any user...

Best regards

Reply to this message by replying to this email, or go to the message on Qlik Community

Start a new discussion in Qlik Sense - Integration, Extensions and APIs by email or at Qlik Community

Following Virtual proxy password in these streams: Inbox

© 1993-2015 QlikTech International AB | Copyright & Trademarks | Privacy | Terms of Use | Software EULA

ebiexperts CTO
With WIP, Control everything!
Qlik Sense, QlikView and NPrinting Source control, Versioning and Deployment, Agile Lifecycle Management
daniel_peger
Partner - Contributor III
Partner - Contributor III

Perhaps you might want to take a look at my answer at Re: Setup SQL (ODBC) User Directory Connector this pretty much covers the same topic...