1 Reply Latest reply: Sep 3, 2012 7:47 AM by Rikab Kothari RSS

    Custom login page can skip Windows authentication popup in every browser but Firefox

    Mirco Andreon

      Platform

      I installed QlikView 11 web application on IIS 6.1.

      Goal

      I need to authenticate users as Windows domain users, but I want to avoid them to insert username and password in the browser popup. I also need QV web application to be available to them also outside of the intranet. Users login to our web application with credentials that are the same as windows domain credentials in the intranet. Then with a link they open QV and I don't want them to retype their credentials.

      Current implementation

      So I found this way:

      • in IIS for each application in qlikview site, I set as authentication both Anonymous Authentication e Windows Authentication
      • in QlikView Management Console > System > Setup > QlikView Web Servers > QVWS@SERVERNAME > Authentication
        • Authentication = Always
        • Type = Ntlm
        • Login Address = Custom login page /qlikview/login3.aspx
      • I created the file C:\Program Files\QlikView\Web\login3.aspx

       

      <%@ Page Language="C#" %>
      
      <%
          String username = Request["username"];
          String password = Request["password"];
           %>
      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
      "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
      <html xmlns="http://www.w3.org/1999/xhtml">
          <head>
              <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
              <title>QlikView - login</title>
              <script type="text/javascript" src="js/jquery-1.4.4.min.js"></script>    
          </head>
          <body>
          <script type="text/javascript" src="js/login.js"></script>
          <script type="text/javascript">
              $(document).ready(function () {
                  TryLogin(null, '<%=HttpUtility.JavaScriptStringEncode(username) %>', '<%=HttpUtility.JavaScriptStringEncode(password) %>', function (ok) {
                      if (ok) {
                          GoBack(_try);
                      } else if (_try != null) {
                          GoBack();
                      } else {
                          alert('Login Failed');
                      }
                  });
              });
          </script>
          </body>
      </html>
      

      Results and problems

      Using IE or Chrome, it logs in automatically using credentials we passed.

      But when I use Firefox it prompts the user with the Windows authentication popup, before letting JavaScript to perform the login.

      Attempts

      I tried to solve the issue by

      • adding SERVER_IP to Firefox network.automatic-ntlm-auth.trusted-uris and network.negotiate-auth.trusted-uris properties  (in about:config page)
      • removing <authentication mode="Windows" /> tag or setting mode to "None", in the web.config file of each QV web application

      but nothing worked.

       

      I hope someone could help me. Many thanks!