GetTicket Authentication still asking me for crede... - Page 2 - Qlik Community

phersan_sme · ‎2011-06-01

Hey all, I need your assistance.

I am currently using Qlikview 10 SR2 with IIS as my webserver. I am also using a Custom Directory with a prefix of TEST\ for all my users. (ex: test\johndoe, test\user2, etc)

I've written some code in VB.NET that acts as a landing page, and gets a ticket for authentication from the QlikView Server. You can find the code snippet I used here: http://community.qlik.com/message/117147#117147

So the main point of the code is that it makes a request for a ticket in the following structure: '<Global method="GetTicket"><UserId>' + username + '</UserId></Global>'

And the server replies with a ticket like so: 510EA55C2DB723DC04C16C6FB3CDAB24F3390792

Now, you're supposed to be able to use that ticket as a method of authentication for the user that you passed into the GetTicket request.

My code is running fine and I can retrieve a ticket without any problems.

However, when I try to access my AccessPoint by using the ticket parameter, it still asks me to log in. It's not an IIS authentication issue because when I change the log in settings in the QEMC to the alternate web form, it'll bring up the alternate web form asking me to log in; if I change it to the regular log in using browser authentication, the browser prompts me for a user name and password. If I type in my custom users, I can log into the AccessPoint.

I've also tried opening a specific document with a ticket and it still asks me to log in.

http://localhost/QlikView/?ticket=510EA55C2DB723DC04C16C6FB3CDAB24F3390792

http://localhost/QvAJAXZfc/AccessPoint.aspx?open=&id=QVS@qvcustom|AP/SalesTest.qvw&client=Ajax&ticket=510EA55C2DB723DC04C16C6FB3CDAB24F3390792

The weird thing is, is that I had it working before the weekend where it would log me into the AccessPoint by using nothing more than my ticket, and it suddenly stopped working this week when I booted up my server.

I've set my security for DMS authorization, authentication for Custom Users with a prefix of TEST\. Like I said, I had it working, and now it's stopped when I rebooted my system on the weekend. Did any QlikView config files change once I rebooted? What could cause something to stop working? I've wasted plenty of time playing with the QEMC already, did I miss something? Do I need to add anything to my code or my IIS settings?

I'm retrieving the tickets just fine, so why isn't the QlikView server accepting them?

Any thoughts are appreciated. Thanks.

danielrozental · ‎2011-06-03

I'm not really sure, why were you using tickets in the first place?

You can use custom users and the standard login page. If you don't like that page you can look into changing that but maintaining the functionality.

phersan_sme · ‎2011-06-03

The idea behind the ticketing system is driven by a Single Sign-On solution. By that I mean, at some point, the end-user has already logged into a portal/company website, and now you want to integrate qlikview (maybe with an IFrame) directly onto the company's website, etc. The user, as far as they're concerned, has already been authenticated through the portal, and logging in twice is redundant. The idea is to have a seemless integration between the portal and a QlikView application.

This would be easy with NTLM authentication, but we don't wanna use AD or Windows users. We're testing out the custom directory to leverage things like the built in "Change Password" function and keep everything within QlikView.

Thanks for your interest in this matter.

danielrozental · ‎2011-06-03

My own solution for this was to build my own AP but maybe things have changed since QV10, perhaps you should check with support.

Also, I don't know how QV carries the custom user from the login page for to the AP, maybe you can look into that, I don't believe they are using ticketing, if they're using a cookie or something like that maybe you can reproduce that as well and then use the standard AP.

Report Inappropriate Content · ‎2011-09-22

Same issue here. Can anyone provide insight.

Thanks

danielrozental · ‎2011-09-22

Can you provide any more details to your problem? have you read through the thread?

Report Inappropriate Content · ‎2011-11-17

Does anyone has solved this problem?I'm currently stucked at the point, too.

I show a custom login page, where I can create a valid ticket (Post with Javascript) and load redirect to the URL http://localhost/qlikview/index.htm?ticket=GUID, where GUID is the retrieved ticket number.

The Access Point pops up, but shows me immediatly the my custom login page again.

On my server I'm working NOT with IIS, only the QVWS is running.

phersan_sme · ‎2011-11-29

I was never able to get my custom directory working with the GetTicket function. I have not revisited the issue in a while.

agigliotti · ‎2015-03-30

Hi,

I have the same problem with my web app using web ticketing authentication: trying to open my qvw document the windows authentication comes up with username/password requests.

If I press Cancel the document is being opened correctly.

How can I remove this windows pop-up ?

I'm using QVWS with DMS authentication method.

I already tried passing the "anonymous=true" parameter in the URL, but inside my web app it doesn't works while taping the entire URL in browser address bar the qvw document is opened successfully with no authentication requests.

Below the .net code:

using System;

using System.Collections.Generic;

using System.Linq;

using System.Web;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Text;

using System.Xml.Linq;

using System.IO;

using System.Net;

protected void Page_Load(object sender, EventArgs e)

{

String servernameEST="bi1.mdf.it";

String username = "DB DSP TEN\\LRASPINI";

String groupname = "123456";

string Ticket = btnGetWebTicket(servernameEST, username, groupname);

if (Ticket == "")

{

//ERRORE non c'è ticket

return;

}

str_accpoint = lnkCallAccesspoint(servernameEST, username, groupname, Ticket);

Response.Redirect(str_accpoint);

}

//////////////////////////////////////////////////////

protected string btnGetWebTicket(string servername, string username, string groupname)

{

string gruppi = "";

StringBuilder groups = new StringBuilder();

if (!string.IsNullOrEmpty(gruppi))

{

groups.Append("<GroupList>");

foreach (string group in gruppi.Split(new char[] { ';' }))

{

groups.Append("<string>");

groups.Append(group);

groups.Append("</string>");

}

groups.Append("</GroupList>");

groups.Append("<GroupsIsNames>");

groups.Append("true");

groups.Append("</GroupsIsNames>");

}

string webTicketXml = string.Format("<Global method=\"GetWebTicket\"><UserId>{0}</UserId>{1}</Global>", username, groups);

bool chkAnonymous = false; //true;

string result = CommHelper.Execute(webTicketXml, new Uri("https://" + servername + "/QvAJAXZfc/GetWebTicket.aspx?anonymous=true"), chkAnonymous, 10000);

string Ticket = "";

if (string.IsNullOrEmpty(result))

{

return "";

}

else

{

XDocument doc = XDocument.Parse(result);

if (doc.Root.Element("_retval_") != null)

{

Ticket = doc.Root.Element("_retval_").Value;

return Ticket;

}

if (doc.Root.Element("message") != null)

{

XAttribute xatt = doc.Root.Element("message").FirstAttribute;

return "";

}

return "";

}

protected string lnkCallAccesspoint(string servername, string username, string groupname, string ticket)

{

string docName = "Gestione Tenute";

if (groupname != "")

docName = docName + "_" + groupname;

string txtTry = @"https://" + servername + @"/QvAJAXZfc/opendoc.htm?document=" + docName + @".qvw&anonymous=true&host=QVS@bi1";

string txtBack = "http://connect.mdf.it/Admin/QlikView_Tenute.aspx";

return "https://" + servername + string.Format("/QvAJAXZfc/Authenticate.aspx?type=html&anonymous=true&webticket={0}&try={1}&back={2}", ticket, txtTry, txtBack);

}

public class CommHelper

{

public static string Execute(string question, Uri iAddress, bool anonymous, int timeoutms)

{

try

{

HttpWebRequest client = (HttpWebRequest)WebRequest.Create(iAddress);

if (!anonymous)

{

client.UseDefaultCredentials = true;

client.PreAuthenticate = true;

}

client.Method = "POST";

client.Timeout = timeoutms;

client.AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate;

using (System.IO.StreamWriter sw = new StreamWriter(client.GetRequestStream()))

sw.WriteLine(question);

System.IO.StreamReader sr = new StreamReader(client.GetResponse().GetResponseStream());

return sr.ReadToEnd();

}

catch (Exception)

{

return null;

}

Thanks

Andrea

GetTicket Authentication still asking me for credentials to log in