Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
After deploying the latest version of Qlikview, the ticketing functionality for SSO does not seem to be working. The server is running in DMS mode. We are getting a ticket when running the code for it. However if we pass this ticket in the URL it is still asking the user for login details. Has anyone faced this issue?
Vlad,
Apparently in QV11 there is something called Webtickets (not sure what the difference is with a regular ticket). I've just tested my code requesting a webticket instead of a ticket and it works almost the same way, with the difference that you can redirect to /QvAJAXZfc/Authenticate.aspx?type=html&webticket=TICKET and get to the Accesspoint.
It also allows for licenses to be leased, through the "Tools, Open QlikView Access Point" option in the developer.
You can find the sample code herehttp://community.qlik.com/docs/DOC-2952
It says I'm unauthorized to view that document...bummer. I've seen the Tools >> Open QlikView AccessPoint thing before, but never heard of webtickets. I will give this a try at some point, thanks!
Vlad
Vlad, I guess could email it to you if you want.
The other problem I'm facing with using ticketing (or webticketing) is that QV11 doesn't allow for manual named CAL assigment. They have removed that option and you need a DSC configured to assign them.
Daniel, would you be able to post the sample code for webtickets as an attachment of your next post? I am interested in it as well but I got the the same "unauthorized to view" message when I clicked on your link.
I have also tested QVS ticketing with V11 and it worked. The problem with QVS ticketing is, it does not go through AccessPoint (AP) so it could not do load balancing in a QVS cluster environment. You always have to specify a specific QVS node name. This web ticketing thing seems to go through AP and therefore it should be able to handle load balancing and failover.
There you go.
Looks like the .zip is corrupted, can't be opened...
Weird, it works fine for me.
Let's try it this way https://www.dropbox.com/s/fnnxfafpyuiiztk/Customized%20authentication%20v1.0.zip
eeeh .. i'v been following this threat because i posted the second message .. but are we still talking about the same thing??
my issue is that when i get an url from the accesspoint and paste that url to a new internet explorer session, the user won't get a ticket. Instead the user gets the standard access point login. This issue only is there when using IE Plugin. Not in AJAX
I'm not sure it's related, but I'm also not sure that your second post is related to the thread starter.
Daniel, thanks for the file! I read through the documentation. Seems like a very different method. One thing that concerns me is security with Webtickets. Basically, instead of requiring QlikView Administrator credentials like GetTicket.aspx, you instead set config.xml to trust certain IP addresses. If a request comes from that IP address, a web ticket will be issued for any arbitrary username. I'm just concerned that this is a big security hole. Suppose a user on an internal network deliberately sets his IP address to that of the trusted server. This will create a IP address conflict, and the network might be confused and in fact grant his computer that IP address. If it does, he can access any QV application as any user. To avoid this, network admins would need to lock down the IP functionality (so users can't be administrators on their own machines anymore)...seems messy.
Other than that, it seems pretty interesting. I'll have to give it a try sometime, just don't have the time now.
What are your thoughts?
Vlad