Skip to main content
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Showing results for 
Search instead for 
Did you mean: 
vgutkovsky
Master II
Master II

SSO + SSL

I've managed to get to get a very simple Single Sign On (SSO) environment set up by setting the User Name Header in QEMC to QVUSER and then using Fiddler to pass some ficticious username through a QVUSER header for a user that I've authorized in DMS mode. This works fine over HTTP (see the 1st screenshot).

error loading image

I'm having problems when I try to combine SSO and SSL. I have a valid SSL certificate installed on my server and my AccessPoint is working fine with HTTPS protocol. However, when I try to pass the header via HTTPS it doesn't work and I receive the message "Authentication Failed" (see the 2nd screenshot).

error loading image

Does anyone know what's going on and what needs to be done to be able to combine SSO and SSL?

Thanks!

6 Replies
Not applicable

Vlad,

I am having the exact same error attempting to go to AccessPoint. We are in DMS mode, are using it to do SSO, and when I set up the SSL certificate on the server, I get this error when attempting to go over SSL/port 443. http still works fine, but https does not.

Note: I can get to the root of my site just fine over SSL (https://mycompany.com), but when I go to the AccessPoint area (https://mycompany.com/qlikview) it gives me the authentication error.

Did you find any resolution to this in the last five months since you posted it?

If I find any resolution to this I will post it to the forums.

Gary

Not applicable

Well, I feel stupid. It had nothing to do with DMS or SSO. It was the setting in C:\ProgramData\QlikTech\QvWebServer\config.xml:

<HttpsPort>443</HttpsPort>

elbertfjr22
Partner - Contributor III
Partner - Contributor III

Hi Guys,

I managed to successfully setup SSO + SSL before (plus over tunneling). (SSO = WebSEAL). The "Authentication Failed" error might be coming from your IIS Web Site authentication setup. Enable the Anonymous Authentication even though your seting in QVS is Prohibit Anonymous. This is how fixed the problem.

Regards,

Elbert

vgutkovsky
Master II
Master II
Author

Thanks guys, but neither one of your suggestions worked for me unfortunately. Gary, my port was always set to 443 so that wasn't the problem. What sort of DSP are you using for your users?

Elbert, allowing anonymous authentication didn't change anything either. Are you sure that it wasn't a different setting somewhere?

Thanks,

elbertfjr22
Partner - Contributor III
Partner - Contributor III

hhhmm. What SSO sofware are you using? You can check your SSO log for a clue why you are getting the Authentication Failed error. Also, have to tried accessing via HTTP? (not HTTPS)

Regards,

Elbert

vgutkovsky
Master II
Master II
Author

Elbert,

Thanks for your reply. As I mentioned in the original post, it's working fine over HTTP and I'm using Fiddler to simulate a SSO header. I'm not seeing any clues in the Fiddler log unfortunately. Any thoughts?

Thanks,