Can anyone explain how to set up ticket authentication for Qlikview Server 9? I don't really understand what is written in the manual.
I have QVS 9 running with IIS. Right now, i know the NT-tokens are coming in correctly and have the right information (username, group membership, etc) but somehow Qlikview isn't reading them correctly, and is prompting me for a password whenever I reach the AccessPoint page.
Do I put this in a configuration file for Qlikview or is this just for an example file that I would write just to see what the getTicket function does? If it is only an example, then where is this set in Qlikview Server's setup files?
I am getting the same problem. It appears that the ticket is not being accepted by the QV server. If I login using the qlikview login prior to accessing via .net web page it opens okay. Once I log out of the qv server, I get same problem again.
Set objXMLDoc = CreateObject("Microsoft.XMLDOM") objXMLDoc.async = False objXMLDoc.loadXML(ticketXML) GetATicket = objXMLDoc.documentElement.selectSingleNode("//_retval_").text End Function
(Note that this is just for testing. A real routine would have much beefier error checking and graceful recovery.)
This seems to work when I run it on the QV9 Server. It relies on a DLL to be installed that handles the call to create the QvsRemote.Client call. The DLL is installed as part of the QVS install. I haven't tried it yet, but I believe it's also installed as part of the web connector stuff if you have IIS on a separate box from QVS.
So if you run this little app (setting myuserid to your user id), it will create a big ticket string, such as 841F141FBF15EE2EABF3CD1533A6D2C2E5CF39AC.
For this to be of any use to you, your server must be using DMS authentication on the QV Server.
So what does this get you? It's assumed that you have already authenticated the user. The ticket assures you that this user is authorized to use the document that's being requested.
For example, where I work, we have our own authentication system. When users ask for a QV document, we intercept those requests and instead, send them off to our own authentication system. They enter their user ids and passwords to prove *who* they are, and are then sent back to our web server. So far, we know who they are, but that doesn't mean they are allowed to see our QV documents. At this point, we request the ticket and redirect them to the actual document with the ticket appended to the end of the URL.
When the ticket is generated, it keeps a record of it on the qlickview server for some short period of time. When they request the document with the ticket, QV knows who they are, and checks the document security to make sure they are authorized to actually view it.