4 Replies Latest reply: Dec 18, 2015 10:32 AM by Daniel Peger RSS

    Virtual proxy password

    Jean Philippe Golay

      I can't understand where we set the password using a rest connection to a Virtual Proxy using " Header authentication dynamic user directory"

       

      In the rest query I add the proxy prefix, then add the header like this

      And the query get executed sucessfully without to ask any password ???? I miss something or it's enough to know the conn/username

      Thanks JP

        • Re: Virtual proxy password
          Konrad Mattheis

          Hi Jean-Philippe,

           

          the idea behind a header authentification is that you are injecting the right person, and the system is trusting you.

          This is only working id the user con not inject the authentication header itself. So you need an apache / nginx,.. before who is taking care of that.

           

          bye

          Konrad

          • Re: Virtual proxy password
            Daniel Peger

            Hi,

             

            as Konrad already said, With header authentication there is no password. One adds the authentication headers containing username and user directory to the http requests and is "authenticated" as this user without any further action needed/possible.

             

            I did always think of this authentication method to be useful for debugging but not for production environments. With browser extensions like Modify Headers for FireFox you can easily add the required headers to your browser's requests and impersonate any user...

             

            Best regards

              • Re: Virtual proxy password
                Jean Philippe Golay

                So what we need  is a way to authenticate against a virtual proxy

                In a production environment how can we achieve that?

                For the moment we only have used windows ad but other customers will want others way to trustly authenticate

                Thanks for your help

                 

                 

                Jean-Philippe Golay

                ebiexperts

                jp.golay@ebiexperts.com

                +41 79 647 2723

                 

                Le 18 déc. 2015 à 14:27, Daniel Peger <qcwebmaster@qlikview.com> a écrit :

                 

                 

                 

                 

                Virtual proxy password

                reply from Daniel Peger in Qlik Sense - Integration, Extensions and APIs - View the full discussion

                 

                Hi,

                 

                 

                 

                as Konrad already said, With header authentication there is no password. One adds the authentication headers containing username and user directory to the http requests and is "authenticated" as this user without any further action needed/possible.

                 

                 

                 

                I did always think of this authentication method to be useful for debugging but not for production environments. With browser extensions like Modify Headers for FireFox you can easily add the required headers to your browser's requests and impersonate any user...

                 

                 

                 

                Best regards

                 

                Reply to this message by replying to this email, or go to the message on Qlik Community

                Start a new discussion in Qlik Sense - Integration, Extensions and APIs by email or at Qlik Community

                Following Virtual proxy password in these streams: Inbox

                 

                 

                © 1993-2015 QlikTech International AB | Copyright & Trademarks | Privacy | Terms of Use | Software EULA