Qlik Community

QlikView Management

Discussion Board for collaboration on QlikView Management.

danielrozental
Honored Contributor II

Qlikview ticketing for SSO is not working in Qlikview 11

If you need more security than IP addresses you coud use certificates (introduced in QV11).

In my case the webserver and QVS are on the same box so I guess I could just use 127.0.0.1, I wonder if that is the default value, I have to test that.

In the last sentence the document states

All solutions above are seen as good practice and should, if possible, be used instead of GetTicket

(as used in versions prior to QlikView 11).

So I guess the question is not "if" but "when".

danielrozental
Honored Contributor II

Qlikview ticketing for SSO is not working in Qlikview 11

Well, I've been doing a couple of tests with the Trusted IP settings and can't seem to be able to get it to work, no matter what I write in as a Trusted IP address I'm still able to request webtickets from any pc.

I'm not becoming a fan of the new webtickets, I guess IIS and windows authentication would still work.

Highlighted
Not applicable

Qlikview ticketing for SSO is not working in Qlikview 11

Hi,

i've tried to implement SSO with QV11 webticket.

No success so far.

I can get the ticket and when i fire the following URL

http://127.0.0.1/QvAJAXZfc/Authenticate.aspx?type=html&webticket=iGcsrTj3iYoYH58gXgYvP1D3PQLplP3GTNz...)

but my browser (IE, Firefox, Chrome,...) still ask me for loging in...

Do you have any idea on what's going wrong ?

danielrozental
Honored Contributor II

Qlikview ticketing for SSO is not working in Qlikview 11

Are you using IIS or QVWS? I think you need to have everything setup for anonymous access.

Not applicable

Qlikview ticketing for SSO is not working in Qlikview 11

I'm using IIS7 and everything from the QlikView website site is set to anonymous (including authenticate.aspx page)

Not applicable

Qlikview ticketing for SSO is not working in Qlikview 11

How did you make it work?

Could you please share your settings

(qvs, qvws, iis,...)

Have you made any change to the config.xml or web.config files ?

Thanks a lot

Not applicable

Re: Qlikview ticketing for SSO is not working in Qlikview 11

Hey Daniel, that sample code link isnt working. Do you have the actual doc to send or post?

Not applicable

Re: Qlikview ticketing for SSO is not working in Qlikview 11

now i'm wondering if its the same stuff code in the zip files others posted.

vgutkovsky
Honored Contributor II

Re: Qlikview ticketing for SSO is not working in Qlikview 11

Daniel,

Small update: I'm no longer concerned about the IP spoofing since I found out with implementation that WebTickets has a more complex security. You can have the IIS virtual application running under the QlikView Admin application pool OR if you're running the SSO website from a non-Windows machine (e.g. Apache web server) then you can specify the IP in IPV6 format (which is not so easy to spoof I think).

Regarding the other questions, I've never been able to get ticketing to work when QlikView web server is IIS and not QVWS. I usually install QVWS and run the ticketing website simultaneously in IIS. Since QVWS really is based on IIS, they don't conflict with each other. I create an application pool in IIS manually to run under the QV Admin account and set the SSO website to run under that pool. Bada bing, bada boom.

Vlad

  • danielrozental
    Honored Contributor II

    Re: Qlikview ticketing for SSO is not working in Qlikview 11

    Thank for the udate Vlad.

    I've also run into a couple other issues related to using ticketing as an authentication system, you're unable to manually assign named CALs unless you have a DSC in place (this has been accepted as a bug), leased licenses gets lost after you open QlikView again (this was a bug in QV9, corrected, now present again in QV10).

    Ralph, dropbox link still works https://www.dropbox.com/s/fnnxfafpyuiiztk/Customized%20authentication%20v1.0.zip