2 Replies Latest reply: Sep 1, 2016 10:39 AM by Jermaine Ramsaransing RSS

    Qlik embedded via iframe authentication

    Jermaine Ramsaransing

      Dear Experts,

       

      Our setup:

      Qlik sense separate server.

      Apache tomcat 7 on a separate server, with the bonita portal (user/pw in a postgres db) and an angularjs web application. These 2 applications are working on the same tomcat. They both live on the same url:

      • https://<url>/bonita (Java portal)
      • https://<url>/angularjswebapp (AngularJS web app)

       

      The UDC is also connected with the postgres db from bonita (where the user/pw is stored) for authorization.

       

      The end-user should login to the web app. The angularjs web app will use the java REST api, from bonita, to login. As soon the user has logged in, I will get a response cookie called, X-Bonita-API-Token with a long value.

      bonita-token.PNG

       

      The problem:

      I have a Qlik app in the angularjs web app, this is embedded via an iframe, like this: <iframe id="masterlist-iframe" src="<qlik.host.url>/bonitaheader/sense/app/<qlik app id>/sheet/ERXgW/state/analysis/options/clearselections?xrfkey=mSm27KU0yHTExOJd" style="border:none; height: 100%; width: 100%;"></iframe>.

       

      Header authentication:

      I wanted to do some authentication, with the following authentication method (virtual proxy) "header authentication dynamic user directory". But you need to add some custom headers. I can add custom headers via an ajax call and then update my "src" attribute with the response of my ajax call, but unfortunately I don't get the Qlik app working, because it's looking for resources that I don't have (those resources are on the Qlik server). The ajax call self is working tho, I'm getting the response, but as soon as the browser renders the result it will trow an error that it can't find require(). And on google I don't find good answers that can help me with this.

       

      Session authentication:

      So I want to try another method, sessions, but I don't control the bonita cookie, the bonita portal is doing that for me and I only see session examples with custom asp code. Is there a good how to, on this in combination with the setup of the above? Do you need to write custom code or can you only configure it?

       

      If you need to write custom code, I only have access to Java/Javascript (AngularJS).

       

      --edit

      If I see this movie, SessionAPIDotNet.mp4 - Google Drive, you NEED to have custom code :s?