Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
amars
Specialist
Specialist

Passing Login Credential's in Windows Server 2008 with IIS 7

Hi all,

We are in a process to migrate Qlikview Server 9 SR1 from Windows server 2003 (32 bit) to Windows Server 2008 (64 bit) . We want to use Named user CAL so that it can be used from any machine. For that we are not using Allow Dynamic User CAL Additions . For user's addition we have created a Windows local user & have added them in the CAL user's. But now when I try to access the dashboard it gives me error "No user CAL available for this user.

But when I turn on the Allow Dynamic User CAL Addition then if I use the Local user account to access the qlikview server , it work's but when I see the CAL user's info , My current login ID gets added to the list of called user's.

Anyone know's how the credential's get's passed to Qlikview in IIS 7 or Windows Server 2008 or some way they can be passed.

thanks in advance

Regards

Amar Shedage

5 Replies
Bjorn_Wedbratt
Former Employee
Former Employee

Hi Amar,

It depends on which client you're using. If you're running stand-alone QV or Plugin (using qvp://), the user name of the logged on user (on the client) is picked up from the operating system. So, if you're logged on as DOMAIN\USER on the client, this is what you will get in the CAL-list. Note that this does not mean that you're authenticated.

If running Java/Ajax the user name is picked up by the web server. If running QlikView Webserver or IIS with Integrated Windows Authentication you will get authenticated automatically and the CAL will be registered in a similar way as above. If using Basic authentication or any other authentication that requires you to log on to the web server, the CAL will be registered to the user logging on to the web server.

amars
Specialist
Specialist
Author

Thanks a lot Bjorn Big Smile

Not applicable

Hi Bjorn, I understand what you're saying and tested it out with our environment, and it works great with the Java client. But is there a way to force the Plugin option to take the authentication of the webserver instead of the Domain\User? Or, is there a place I can go to find more details on this?

amars
Specialist
Specialist
Author

Hi rob,

We have implemented it successfully, we just removed AllowAnonymous from the Ajax tag. and now it ask's for USer ID & password when opening a report in the QVP. Now we are able to share the licences among multiple user's but not two of them opening the same report at a time.

Regard's

Amar

Not applicable

Hey Amar, thanks for the reply. I don't think that's exactly what I'm looking for.

Truly, my problem comes from the security aspect. Because they have to sign on to the domain when they access the site, I don't want them to sign on again when they open the report. If I use the Java Client, their userid for the domain signon comes through perfectly, and this is with Section Access controlling the security of the doc. But when they hit the doc with IE, it brings over there Client OS userid...not the domain id. There's gotta be a way to have IIS pass the credentials of the domain signon to the QV Server through the IE plugin.