Qlik Community

Qlik Sense Integration, Extensions, & APIs

Discussion board where members can learn more about Integration, Extensions and API’s for Qlik Sense.

jp_golay
Contributor

Virtual proxy password

I can't understand where we set the password using a rest connection to a Virtual Proxy using " Header authentication dynamic user directory"

In the rest query I add the proxy prefix, then add the header like this

And the query get executed sucessfully without to ask any password ???? I miss something or it's enough to know the conn/username

Thanks JP

4 Replies
konrad_mattheis
Contributor III

Re: Virtual proxy password

Hi Jean-Philippe,

the idea behind a header authentification is that you are injecting the right person, and the system is trusting you.

This is only working id the user con not inject the authentication header itself. So you need an apache / nginx,.. before who is taking care of that.

bye

Konrad

daniel_peger
New Contributor III

Re: Virtual proxy password

Hi,

as Konrad already said, With header authentication there is no password. One adds the authentication headers containing username and user directory to the http requests and is "authenticated" as this user without any further action needed/possible.

I did always think of this authentication method to be useful for debugging but not for production environments. With browser extensions like Modify Headers for FireFox you can easily add the required headers to your browser's requests and impersonate any user...

Best regards

jp_golay
Contributor

Re: Virtual proxy password

So what we need is a way to authenticate against a virtual proxy

In a production environment how can we achieve that?

For the moment we only have used windows ad but other customers will want others way to trustly authenticate

Thanks for your help

Jean-Philippe Golay

ebiexperts

jp.golay@ebiexperts.com

+41 79 647 2723

Le 18 déc. 2015 à 14:27, Daniel Peger <qcwebmaster@qlikview.com> a écrit :

Virtual proxy password

reply from Daniel Peger in Qlik Sense - Integration, Extensions and APIs - View the full discussion

Hi,

as Konrad already said, With header authentication there is no password. One adds the authentication headers containing username and user directory to the http requests and is "authenticated" as this user without any further action needed/possible.

I did always think of this authentication method to be useful for debugging but not for production environments. With browser extensions like Modify Headers for FireFox you can easily add the required headers to your browser's requests and impersonate any user...

Best regards

Reply to this message by replying to this email, or go to the message on Qlik Community

Start a new discussion in Qlik Sense - Integration, Extensions and APIs by email or at Qlik Community

Following Virtual proxy password in these streams: Inbox

© 1993-2015 QlikTech International AB | Copyright & Trademarks | Privacy | Terms of Use | Software EULA

daniel_peger
New Contributor III

Re: Virtual proxy password

Perhaps you might want to take a look at my answer at Re: Setup SQL (ODBC) User Directory Connector this pretty much covers the same topic...

Community Browser