9 Replies Latest reply: Apr 28, 2014 8:00 AM by Omer Demir Branched to a new discussion. RSS

    Authentication Problem - Asp.Net - Qlikview Workbench

    Omer Demir

      Hi,

       

      I'm trying to load documents and their obejcts using QvAjax library. I achieved to do this in IE but in chrome and firefox the page just gives an "Error". In the log there are following lines:

       

      <<Error Log begins>>

      XMLHttpRequest cannot load http://localhost/QVAJAXZfc/Authenticate.aspx?keep=. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://192.168.0.151' is therefore not allowed access.


      XMLHttpRequest cannot load http://localhost/QVAJAXZfc/QvsViewClient.aspx?mark=&host=Local&view=metrics&slot=&platform=WORKBENCH&dpi=96&xrfkey=fb4yrpIT0VFoIqHC. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://192.168.0.151' is therefore not allowed access.

       

      Uncaught TypeError:   Cannot call method 'getElementsByTagName' of null               QvAjax.js:25 Qva.PageBinding.Ready              QvAjax.js:25

      Qva.PageBinding.Ready              QvAjax.js:25

      c.onreadystatechange                   QvAjax.js:25

       

      XMLHttpRequest cannot load http://localhost/QVAJAXZfc/DocList.aspx?xrfkey=fb4yrpIT0VFoIqHC.            No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://192.168.0.151' is therefore not allowed access.

      <<Error Log ends>>


      The code I'm using:

      Qv.InitWorkBench({ View: '[docName]', BodyOnLoadFunctionNames: ['init'] });
                
      function init() {
        try {
        var select = document.getElementById("selectDocument");
        if (select.options.length > 1) {
        select.options.length = 0; //Empty the select box if filled before
        //select.size = 0;
        var el = document.createElement("option");
        }
      
      
        Qv.GetAllDocuments(function (docs) {
        for (var i = 0; i < docs.length; i++) {
        var doc = docs[i];
        var title = doc.title.substring(0, doc.title.length - 4);
        var el = document.createElement("option");
        el.textContent = title;
        el.value = title;
        select.appendChild(el);
        }
        });
        }
        catch (err) {
        txt = "There was an error on this page.\n\n";
        txt += "Error description: " + err.message + "\n\n";
        txt += "Click OK to continue.\n\n";
        alert(txt);
        }
      }
      }
      
      
      
      


      From error logs it seems like this is an authentication issue. But I coulnd't figure how to deal with authentication.


      You help is very much appreciated!


        • Re: Authentication Problem - Asp.Net - Qlikview Workbench
          Magnus Larsson

          you are opening a URL on localhost and but this page contains content from another origin, in this case an IP adress.

          Some browsers block out content for security reasons if not from the same origin.

          What would happen if you used the IP adress in the URL you open the page with instead of localhost?

            • Re: Authentication Problem - Asp.Net - Qlikview Workbench
              Omer Demir

              Actually there are 2 cases:

              1. When I run the page from localhost:xxxxxx/myApp address

                   In IE it works without error

                   In Chrome and Firefox gives the error in my previous post

               

              2. When I run the page from its ip address

                   All of the browsers I use gives the same error

               

              Is there anything we need to do on IIS ?

                • Re: Authentication Problem - Asp.Net - Qlikview Workbench
                  Magnus Larsson

                  strange. The error points to something to do with the origin.

                  The only thing I can think of would be to run fiddler and see if there is any call to some "origin" that you haven't thought of.

                    • Re: Authentication Problem - Asp.Net - Qlikview Workbench
                      Omer Demir

                      I ran the page and copied request and response headers for the both cases. And log created in the both cases is accessible here: http://goo.gl/3dC3cS

                       

                      WHEN I RUN FROM VISUAL STUDIO(LOCALHOST)

                       

                      REQUEST HEADER:

                      GET /promushub/Authenticated/DashboardNoGridster.aspx HTTP/1.1

                      Accept: text/html, application/xhtml+xml, */*

                      Accept-Language: en-US

                      User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko

                      Accept-Encoding: gzip, deflate

                      Host: localhost

                      DNT: 1

                      Connection: Keep-Alive

                      Cookie: qlikmachineid=bb2aa344-31fa-4aa2-8197-db797e0xxxxx; .ASPXAUTH=D45D3BFBB4C8B0F0432EC05C726E384E78860B138A8ADC806514E5579318F6FA42CA373FACF817CC02010055F397CA93C5867390018E07EE148E8BBE767291929F603CC111A6FDEAE7B6D859C6D4A07F23B3B7A3613BB276C555FF0833C4D12E4124CC182EA3D7420E45B793FA91DC04628A3B516DCD86DA8C71235506CB405C7FB2282A; ASP.NET_SessionId=kybnkbgmolkku0tqj4ffaold; AccessPointSession=36ad6937-33b4-0807-83b6-e4b1d7e9c793; xrfkey=nRI0KoD9eVBpueI4

                      QVUSER: wm\odemir

                       

                       

                      RESPONSE HEADER:

                      HTTP/1.1 200 OK

                      Cache-Control: private

                      Content-Type: text/html; charset=utf-8

                      Server: Microsoft-IIS/7.5

                      Access-Control-Allow-Origin: *

                      X-AspNet-Version: 4.0.30319

                      X-Powered-By: ASP.NET

                      Access-Control-Allow-Origin: *

                      Access-Control-Allow-Headers: Content-Type

                      Access-Control-Allow-Methods: POST,GET,OPTIONS

                      Date: Wed, 16 Apr 2014 13:29:04 GMT

                      Content-Length: 33937

                      ============================================================================

                      WHEN I RUN FROM IP ADDRESS

                       

                      REQUEST HEADER:

                      GET /promushub/Authenticated/DashboardNoGridster.aspx HTTP/1.1

                      Host: 192.168.0.151

                      Connection: keep-alive

                      Cache-Control: max-age=0

                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8

                      User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36

                      Accept-Encoding: gzip,deflate,sdch

                      Accept-Language: en-GB,en;q=0.8,tr;q=0.6

                      Cookie: qlikmachineid=f6ba9c23-f03f-471f-9ac4-971357cxxxxx; ASP.NET_SessionId=3hgaihrq43zmkk2airbict2m; xrfkey=fb4yrpIT0VFoIqHC; .ASPXAUTH=A4F0CEC6678A3C1398FCB2BFAACB8B56ABAE5A08FAC9C4F1EA9D5F6FD14757663F4A8D6A03914C2A6C0371F001B6D782E0B0BE1F5493783F71F9FBAC75E82F9670B9359B514BCF65DDAF24C1146C6EF0CA24F6CE0F36787AA9367EC72B2C645B524F50AF334B02A3D99FA3DB087A9A9F253C9FBDBAEDFA9F2FD25EFADD426A3E35A88173; AccessPointSession=d7234f57-5c37-68c7-c5ca-c66665aeded3

                      QVUSER: wm\odemir

                       

                      RESPONSE HEADER:

                      HTTP/1.1 200 OK

                      Cache-Control: private

                      Content-Type: text/html; charset=utf-8

                      Server: Microsoft-IIS/7.5

                      Access-Control-Allow-Origin: *

                      X-AspNet-Version: 4.0.30319

                      X-Powered-By: ASP.NET

                      Access-Control-Allow-Origin: *

                      Access-Control-Allow-Headers: Content-Type

                      Access-Control-Allow-Methods: POST,GET,OPTIONS

                      Date: Wed, 16 Apr 2014 13:18:59 GMT

                      Content-Length: 33937

                        • Re: Authentication Problem - Asp.Net - Qlikview Workbench
                          Magnus Larsson

                          I think you need to use a proxy or have the Accesspoint installed on the same machine as you are running your site from. Especially in the second snippet it is clear that content is coming from two different sources, "localhost" and "qlikview":

                           

                          4/16/2014 14:18:07.3761636 Information Request received [GET]: http://localhost/QVAJAXZfc/htc/QvAjax.js

                          4/16/2014 14:18:07.4425724 Information Request received [GET]: http://qlikview/QvAjaxZfc/htc/QvAjax.js

                           

                          Also in the first log bit there is some reference to host "qlikview", not sure if that is enough to trigger the same origin error.

                           

                          The workbench reference manual says:

                           

                          If the AccessPoint (that is, the QvAjaxZfc virtual directory) is not on the same machine as the QlikView

                          WorkBench web site, a proxy must be used to avoid cross-site scripting issues. For asp.net sites,

                          Proxy.aspx can be used. If using a QlikView WorkBench template to create the web site, Proxy.aspx,

                          is automatically used.

                          As an alternative, a custom proxy can be created. See Using Custom Proxy (page 42) for more information.

                            • Re: Authentication Problem - Asp.Net - Qlikview Workbench
                              Omer Demir

                              We have achieved to see document and object names using QvAjax file by,

                              1. changing all of the address references'' initial part to qlikview(our machine name) as you advised.
                              2. adding an ldap account on Mgmt console which let us authenticate

                               

                              So we've used Active Directory option to authenticate user.

                              In the future we will need to have our application and qlikview server on different machines, in that case we might use web ticketing and proxy.

                               

                              Thanks for your help.

                    • Re: Authentication Problem - Asp.Net - Qlikview Workbench
                      Martijn Biesbroek

                      Hi,

                       

                      IE performs NTLM authentication out of the box, and I suspect that the security settings of IE allow localhost or some ip adress etc. --> that is the reason you see it working with IE and not with the other browsers.

                       

                      all code should originate from the same source (webserver url, or ip adres etc.). The code of the initworkbench, makes a call to the QV javascript files. And I suspect that call might to localhost, or 127.0.0.1 or something and your browser prevents that.

                       

                      see attachment (thanks to MRW)