Re: Custom login page can skip Windows authenticat... - Qlik Community

bluishjoe · ‎2012-01-30

Platform

I installed QlikView 11 web application on IIS 6.1.

Goal

I need to authenticate users as Windows domain users, but I want to avoid them to insert username and password in the browser popup. I also need QV web application to be available to them also outside of the intranet. Users login to our web application with credentials that are the same as windows domain credentials in the intranet. Then with a link they open QV and I don't want them to retype their credentials.

Current implementation

So I found this way:

in IIS for each application in qlikview site, I set as authentication both Anonymous Authentication e Windows Authentication
in QlikView Management Console > System > Setup > QlikView Web Servers > QVWS@SERVERNAME > Authentication
- Authentication = Always
- Type = Ntlm
- Login Address = Custom login page /qlikview/login3.aspx
I created the file C:\Program Files\QlikView\Web\login3.aspx

<%@ Page Language="C#" %>
<%
    String username = Request["username"];
    String password = Request["password"];
     %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <title>QlikView - login</title>
        <script type="text/javascript" src="js/jquery-1.4.4.min.js"></script>    
    </head>
    <body>
    <script type="text/javascript" src="js/login.js"></script>
    <script type="text/javascript">
        $(document).ready(function () {
            TryLogin(null, '<%=HttpUtility.JavaScriptStringEncode(username) %>', '<%=HttpUtility.JavaScriptStringEncode(password) %>', function (ok) {
                if (ok) {
                    GoBack(_try);
                } else if (_try != null) {
                    GoBack();
                } else {
                    alert('Login Failed');
                }
            });
        });
    </script>
    </body>
</html>

The link we use to open QV is http://SERVER_IP/login3.aspx?username=UUU&password=PPP; I know it's not secure, but I start making it work and then I'll enhance secury.

Results and problems

Using IE or Chrome, it logs in automatically using credentials we passed.

But when I use Firefox it prompts the user with the Windows authentication popup, before letting JavaScript to perform the login.

Attempts

I tried to solve the issue by

adding SERVER_IP to Firefox network.automatic-ntlm-auth.trusted-uris and network.negotiate-auth.trusted-uris properties (in about:config page)
removing <authentication mode="Windows" /> tag or setting mode to "None", in the web.config file of each QV web application

but nothing worked.

I hope someone could help me. Many thanks!

qlikviewforum · ‎2012-09-03

Hey

I am trying to pass the windows credentials to a sharepoint site and fetch the data from sharepoint list into qlikview. Any help please?

Thanks,

qlikviewforum

mmarchese · ‎2018-07-09

Did you ever make any more progress on this?

Could you possibly share your whole ASP.NET solution instead of just that one code snippet?

bluishjoe · ‎2018-07-10

Hello, unfortunately I never solved this issue.

If I remember well, there's no other code than the one I shared.

Miguel_Angel_Baeyens · ‎2018-07-10

I cannot test now but from memory, you have to change some settings in the About:Config of Firefox to enable Windows integrated authentication.

Okay, I just found this, I don't know how usable is for the latest versions:

https://specopssoft.com/blog/configuring-chrome-and-firefox-for-windows-integrated-authentication/

Custom login page can skip Windows authentication popup in every browser but Firefox

Platform

Goal

Current implementation

Results and problems

Attempts

Web Clients