Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Not applicable
‎2016-01-14 06:27 AM

SSO for Ajax accesspoint using Small Business Edition Solution

Hello everyone this is my first entry in Qlik community. I've spent a few days looking around for a solution to implement a Single Sign On solution in my qlikview server and never found what I needed. After some tinkering me and a fellow engineer found a solution to our particular problem and decided to share it. Any comments on this solution are appreciated!

Inicial scenario

Licence type: Small Business Edition

Web-server: IIS

Authentication: NTLM

Authorization: NTFS (Forced by licence)

Login Address: Default login page (browser authentication)

Requirements: We needed to implement qlikview authentication in a webportal that contains an application and embed an iframe with a qlikview document, this authentication needs to be as invisible as possible so that the user doesnt even know he's using two different applications.

Solution:

  • Changed Login Address type to Custom login page
    • The reason for this is that we will need to be able to post the user credentials via ajax. Maybe other workarounds exist but this was what we were able to implement.
  • IIS Reverse proxy using ARR and URL rewrite
    • We have both websites in the same IIS, o we simply enabled ARR proxy and in URL rewrite we created a Reverse Proxy rule with "QvAjaxZfc(.*)|qlikview(.*)" as a pattern to rewrite URL as https://qlikviewserver/{R:0}
    • This allowed us to access qlikview resources from our webportal like this : https://webportal/qlikview/FormLogin.htm
    • There might be cross origin problems associated so if it doesnt work, that might be something that needs to be handled.
  • Automatic login
    • As required we want to login in our webportal, and at the same time login in qlikview. Our solution was to use JQUERY to send a formData login just like you would send over the FormLogin.htm page.
    • On click we retrieve the user and password from the webportal form and procede to Post the data via ajax JQUERY, with a modified url.
    • This method provided us with an invisible login since there is no redirect to accesspoint and no call back in case of failed authentication.
    1. $.ajax({
    2.   type: "POST",
    3.   url: "/QvAJAXZfc/Authenticate.aspx",
    4.   data: {
    5.   username: UserForm.value,
    6.   password: PasswordForm.value
    7.   },
    8.   contentType: "application/x-www-form-urlencoded",
    9.   success: function () {
    10.   alert('form was submitted');
    11.   }
    13.   });
  • iFrame
    • Just add an iFrame to your website, with the link you want, in our case we added a link directly to the document we want.

That's it!!! This solution might not work for every scenario but since I never found a solution for SSO with a small business edition licence i thought I could share some knowledge.

Any comments, tips or criticism is always welcome!

I'll try to create a step by step tutorial when I have time if anyone has problems following this.

Best regards

1,011 Views
0 Likes
1 Reply
elyM
Partner - Creator
Partner - Creator
‎2016-02-09 07:21 AM

Hi Marco,

thank you for sharing your solution,technically it look like interesting.

Regards,

Ely Malki

604 Views
0 Likes