The http://sense-demo.qlik.com site does exactly that. We fetch a ticket in the background, then we consume said ticket by just issuing a GET against a resource behind the proxy with the ticket attached to it. Once the ticket has been consumed and the session cookie is present in the client you can just inject the qlik.js script into the head or manually bootstrap our API onto the page.
1. Browser requests ticket from server component.
2. Server component issues ticket to user/browser
3. Browser consumes ticket by requesting https://<your QS server>/resources/img/dark_noise_16x16.png?qlikTicket=<yourticket>
4. QS Server returns the image and a Set Cookie header.
5. Discard the image and just load the qlik.js API
Once the ticket has been consumed and the session cookie is present in the client you can just inject the qlik.js script into the head or manually bootstrap our API onto the page.
What's the difference between loading this require.js file (which is different stock require.js) and directly loading the qlik.js file? Also, can you give an example of manually bootstrapping the API? I'm not quite sure what you mean by that.
IMHO, the best place to start would be to work through one of the examples of a mashup application in node.js or the .net SDK.
That should give you a pretty good understanding of the architecture behind mashups.
If you've already gotten that far, then you'd have to give us more details on what else you'd like to know about the approach that Alexander laid out.
You can read more about the authentication API here:
The service that is used to actually obtain a ticket is here:
If you were using normal authentication, then you wouldn't have to worry about getting a ticket since the app would do it on your behalf, but if you are using a proxy with an authentication module (as would be the case in most node.js examples), then the service you deploy (i.e. the node.js app) calls the ticket method in the QPS after using whatever authentication the application defines.
Hope that helps.
I have a trouble related with this post issue:
I have server A and server B:
-Server A is the server where i've qlik sense server installed. (domain1)
-Server B is the server where I've have the code of QS mashup app. (domain2)
I want a Qlik ticket to authenticate app. To get this ticket I do a call to my API from the app of server B that return the string of the ticket. With this string I build an URL like this:
http://<my QS server>/myproxy/resources/img/dark_noise_16x16.png?qlikTicket=<myticketstring>
And put an iframe in my app to obtain the cookie to access to QlikSense.
The problem with this come when I want to import the libraryes that needs qlik to access to the app:
<script>http://<my QS server>/myproxy/resoyurces/assets/external/requirejs/require.js</script>
It seems the first access that app need to do is to import requirejs and in this moment I don't have access to the session cookie and windows autehnticate form pops up.
To fix that I tried to do a landing page that load the iframe and then redirect to my app with which needs requirejs.
The problem with that is landing page puts cookie into domain1 and I need to put it in the domain2 for my app can view it.
Is there any way to access to my app or to obtain the cookie before load requirejs or something similar?