Qlik Community

Qlik Sense Integration, Extensions, & APIs

Discussion board where members can learn more about Integration, Extensions and API’s for Qlik Sense.

niceqlik
New Contributor III

How to establish a secure web socket connection (wss://) using Qlik Engine API ?

Hi everybody,

I have found a nice article describing how to consume Qlik Engine API by making use of Web Sockets.

http://sentienttidbits.blogspot.com.tr/2014/09/a-simple-websocket-client.html

This example is using Qlik Sense Dekstop so that it doesn't have to worry about authentication because in Desktop basically there is only one user that can use the API.

But how about using Qlik Sense Server's web socket layer? It sounds to me that we need to use wss:// and some sort of certificates for making API calls but couldn't find a way.

All I want to do is to authenticate a user first somehow in a custom client application (using ticketing or etc.) and then use this very same user to fetch Qlik App Data (based on the security level it has) to be used in this application. 

1 Solution

Accepted Solutions
akl
Honored Contributor

Re: How to establish a secure web socket connection (wss://) using Qlik Engine API ?

And to answer your question a bit more clearly,

If your user already is authenticated, i.e a session cookie exists then supply that cookie in the http upgrade request and the socket will open.

If your is not authenticated and you use ticketing, supply ?qlikTicket=<ticket> value to your wss://server/app/<enginesession> connection. This will consume the ticket and send a Set-Cookie header back containing your session cookie.

Another concept to look out for is what we refer to as the whitelist.
In Qlik Sense QMC under your virtual proxy we have something called the origin whitelist. Everytime a websocket connection is established (well the http upgrade to be technical) we verify the origin of that request against the whitelist to determain if you should be granted access. So make sure whatever service you are building has it's origin listed in the whitelist.

7 Replies
Not applicable

Re: How to establish a secure web socket connection (wss://) using Qlik Engine API ?

any idea or answer ?

Employee
Employee

Re: How to establish a secure web socket connection (wss://) using Qlik Engine API ?

Are you using .Net for your development? If so, have you tried using the Qlik Sense .Net SDK? With that SDK you can connect as NTLM user like this:

var location = Location.FromUri(new Uri(<my Uri>));

location.AsNtlmUserViaProxy();

using (var hub = location.Hub())

{

  Console.WriteLine(hub.ProductVersion());

}

The documentation for the method can be found here: LocationExtensions.AsNtlmUserViaProxy Method

General information regarding getting started with the SDK can be found here: Qlik Sense .NET SDK ‒ Qlik Sense

niceqlik
New Contributor III

Re: How to establish a secure web socket connection (wss://) using Qlik Engine API ?

Hi Øystein, thanks for the reply.

Actually, i want to build a platform-independent solution.

I am aware of the .NET SDK but in the future, I may require to use Java or Objective-C to build native mobile apps.

So, i basically need to establish a secure web socket connection with some socket clients that are based on these environments.

Recently, i have found a utility based on Javascript. it makes sense to use it and it is working as exactly as i want.

https://github.com/mindspank/qsocks

But i still need to find out how i can adapt this utility into a generic solution so that i can use it when building let's say an Android app. In the following days, i will be working on this subject and will update this topic when there is an applicable solution.

akl
Honored Contributor

Re: How to establish a secure web socket connection (wss://) using Qlik Engine API ?

Hey Ismail,

You can just use qsocks as a starting point, the architecture will be pretty similar regardless of language.

I have used jetty for Java in the past which worked ok as a websocket client.

You probably won't find something that is generic enough to cross-compile between platforms but the code architecture will look the same.

akl
Honored Contributor

Re: How to establish a secure web socket connection (wss://) using Qlik Engine API ?

And to answer your question a bit more clearly,

If your user already is authenticated, i.e a session cookie exists then supply that cookie in the http upgrade request and the socket will open.

If your is not authenticated and you use ticketing, supply ?qlikTicket=<ticket> value to your wss://server/app/<enginesession> connection. This will consume the ticket and send a Set-Cookie header back containing your session cookie.

Another concept to look out for is what we refer to as the whitelist.
In Qlik Sense QMC under your virtual proxy we have something called the origin whitelist. Everytime a websocket connection is established (well the http upgrade to be technical) we verify the origin of that request against the whitelist to determain if you should be granted access. So make sure whatever service you are building has it's origin listed in the whitelist.

niceqlik
New Contributor III

Re: How to establish a secure web socket connection (wss://) using Qlik Engine API ?

Many thanks Alexander,

This is exactly what i need to hear to learn about the underlying mechanism. The key point for me is to get the current session or create a new one.

So, now i can use whatever technology i want to reach the same goal

Sincerely,

lathakatti
New Contributor II

Re: How to establish a secure web socket connection (wss://) using Qlik Engine API ?

I have implemented authentication, but still I am getting websocket connection failed error. If I whitelist my client host in virtual proxy, it works fine. Could you please let me know, what is that I am missing

Community Browser