Qlik Community

Ask a Question

QlikView Administration

Discussion Board for collaboration on QlikView Management.

Announcements
Join this live chat April 6, 10AM EST - QlikView to Qlik Sense REGISTER
cancel
Showing results for 
Search instead for 
Did you mean: 
vgutkovsky
Master II
Master II

Header authentication with SSL

OK, this one has stumped me for years. How the heck do you get header authentication working over HTTPS?? Works fine over HTTP. The minute I switch to HTTPS it doesn't let me authenticate to the AccessPoint. Using Fiddler, it does that thing where it presents an authentication dialog 3 times followed by "Login Failed." I'm pretty sure the issue is with Authenticate.aspx because the funny thing is that if I first submit the Fiddler request over HTTP, then open the session in IE, and then (after authentication) change the address in the browser bar to HTTPS, it works and preserves the header user correctly. So looks like it just has trouble getting past the Authenticate.aspx page while over HTTPS. I'm pretty sure that when you use HTTPS, the handshake happens before request headers are sent, which I'm guessing is at the root of the issue. Tried both QVWS and IIS. I'm sure there's something super simple I'm missing, but I'm stumped. Help!


Thanks all.

VG

Labels (2)
1 Solution

Accepted Solutions
vgutkovsky
Master II
Master II
Author

Posting on QlikCommunity is cathartic--been struggling with the issue for years, and just figured it out Smiley Happy Was a cypher & protocol problem. The solution was to download IIS Crypto on the web server, apply the default "Best Practices" and then reboot. Hope this helps someone else!

 

Oh, and the Fiddler issue was a red herring. Fiddler doesn't attach request headers properly to HTTPS calls. Use ModHeaders for Chrome instead.

View solution in original post

1 Reply
vgutkovsky
Master II
Master II
Author

Posting on QlikCommunity is cathartic--been struggling with the issue for years, and just figured it out Smiley Happy Was a cypher & protocol problem. The solution was to download IIS Crypto on the web server, apply the default "Best Practices" and then reboot. Hope this helps someone else!

 

Oh, and the Fiddler issue was a red herring. Fiddler doesn't attach request headers properly to HTTPS calls. Use ModHeaders for Chrome instead.

View solution in original post