Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
We have Qlik Sense September 2019 - 13.42.1
We are trying to access qlik from our company mobile app
from qlik side, we added a virtual proxy and set the authentication method as "header authentication static user directory"
when accessing qlik
curl -I -k -c cookie.txt "https://<qlik base usrl>/<virtual proxy>/hub/my/work" -H "<header-name>: userid"
receiving success response
HTTP/1.1 200 OK
Set-Cookie: X-Qlik-Session-prefix={23DA935C-D834-43BA-AA16-9F1ADCB88879}:17652123-3146-41d7-ae63-7cf8271a0295; Path=/; HttpOnly; Secure
when trying from mobile browser or from curl passing same received cookie in other following requests, qlik respond "Could not authenticate the request: Expected an authentication header", while same session cookie is set in the request
curl 'https://<qlik base usrl>/<virtual proxy>/hub/stream/e7a976fd-eff3-426f-ad88-12c97bd6d22d' \
-H 'Connection: keep-alive' \
-H 'Pragma: no-cache' \
-H 'Cache-Control: no-cache' \
-H 'Upgrade-Insecure-Requests: 1' \
-H 'User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1' \
-H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
-H 'Sec-Fetch-Site: none' \
-H 'Sec-Fetch-Mode: navigate' \
-H 'Sec-Fetch-User: ?1' \
-H 'Sec-Fetch-Dest: document' \
-H 'Accept-Language: en-US,en;q=0.9,ar;q=0.8' \
-H 'Cookie: X-Qlik-Session-<prefix>={23DA935C-D834-43BA-AA16-9F1ADCB88879}:17652123-3146-41d7-ae63-7cf8271a0295' \
--compressed \
The only way to make it work by forcing browser to pass user header in all requests, which is not logic
Can you please help?
I am seeing the same issue. did you find a fix?
no, I didn't find a solution till know
To whom it may concern: The cookie seems irrelevant for the auth method 'Header authentication dynamic user directory'.
Opening a Websocket is done by setting the 'Header authentication header name' to the '$ud $id'- combination configured in the "header authentication dynamic user directory".
e.g. if
then setting the parameters
{
"test-user": "TEST@testuser"
}
just works. It also attaches existing sessions on other machines.