Qlik Community

QlikView Management

Discussion Board for collaboration on QlikView Management.

Not applicable

SSO When Client App not in QlikView Server

Hi there,

I wonder anyone can help me.  I am new to this QlikView.  I have problem to establish SSO when fidder (client app) is outside QlikView Server.  Instead of pass through, the windows security dialog box is triggered.

I have followed the Qlikview 10 Accesspoint SSO.pdf and configure our QVS to DMS mode and using QVUSER http header.  I am able to establish SSO within QlikView server.  After submitting the http header by local fidder, I can connect to the corresponding Accesspoint browser page without invoke the windows security dialog box.

We are using QlikView Server v10 SR3 in Windows 2008 R2 enterprise server.

Many thanks in advance,

Eric.

1 Solution

Accepted Solutions
danielrozental
Honored Contributor II

SSO When Client App not in QlikView Server

I think you're missing the right permissions for IIS anonymous user, or you can set the anonymous security settings in IIS.

11 Replies
danielrozental
Honored Contributor II

SSO When Client App not in QlikView Server

What webserver are you using? QlikView Web Server or IIS?

Not applicable

SSO When Client App not in QlikView Server

Hi Daniel,

IIS.  I have stopped the QlikView Web Server windows service.

Thanks,

Eric.

danielrozental
Honored Contributor II

SSO When Client App not in QlikView Server

I think you're missing the right permissions for IIS anonymous user, or you can set the anonymous security settings in IIS.

Not applicable

SSO When Client App not in QlikView Server

Hi Daniel,

Thanks for your help.  Yes, the IIS is set to use Windows Authentication instead of Anonymous Authentication.  After I set the QvAjaxZfc virtual directory to use Anonymous Authentication.  It all work even outside the QlikView server.

Many thanks,

Eric.

danielrozental
Honored Contributor II

SSO When Client App not in QlikView Server

Be aware that using an HTTP header for single sign on is not a secure way to do it.

If your users are accessing sensible information you should consider a more robust solution.

Not applicable

SSO When Client App not in QlikView Server

Thanks for you advice Daniel.  By any chance you can recommend any other robust solutions to integrate with QlikView Accesspoint?  HTTP header is the only documented way that I found.  I haven't looked at the Workbench side yet but if necessary I will look into it.

Eric.

danielrozental
Honored Contributor II

SSO When Client App not in QlikView Server

You should look into ticketing, build your own portal using it.

Not applicable

SSO When Client App not in QlikView Server

Thanks

Not applicable

SSO When Client App not in QlikView Server

HI Eric,

I am running into the same issue.  By turning on anonymous access to QvAjazZfc virtual directory certainly does get rid of the Windows Security prompt, but I'm redirected to a "Login Failed" page once the AccessPoint page briefly shows.  I have QVS setup to accept anonymous user but that hasn't worked.  Also, I noticed on another working instance (my laptop) that I'm able to keep Windows Authentication on and QV utilizes the service account to do lookup for authentication and AccessPoint file list.

Any ideas on how to resolve my issue?

Thank you,

Ben

Community Browser