1 Reply Latest reply: Mar 7, 2013 9:16 PM by Luke Chatterton RSS

    Login Failed at Access Point after upgrade to Server 11.02

    Luke Chatterton

      Hi There,

       

      I have upgraded a customer site from Server V11 SR1 to Server V11.02.11643.

       

      The access point won't allow me to log on.

       

      I cannot however login!

       

      Normally the users can just click the sign in and their windows user creds are passed though.

       

      Now it comes up with the access point screen as anonymous. If you click Anonymous then it takes you to the login2.htm page.

       

      I've tried entering all sorts of creditials. domain\username servername\username username@domain.com etc but it immediately just says "login failed" and don't allow you to continue.

       

      Seems too fast even to actually check.

       

      I uninstalled this version and reverted back to the 11 SR1 and functionality returned and can login just fine. Any ideas what I could try?

       

      I relicensed the server.

      I deleted the LEF files and meta and shared files.

      Rebooted numerous times and tried various login types.

      Nothing worked.

       

      Any ideas?

       

      Thanks

       

       

      access point.png

       

      login2.png

       

      LoginFailed.png

        • Re: Login Failed at Access Point after upgrade to Server 11.02
          Luke Chatterton

          Ok reread the release notes.

           

          Turns out they were using alternate login page.

           

          When to the page on the server can click apply.

           

          All fixed.

           

           

           

          Bug: 45832 QMS: Using NTLM Authentication with Custom or Alternate Login Page Vulnerability Fix

          We are issuing an update to address vulnerability in authentication when using NTLM authentication with Custom or Alternate Login Page.

          After implementation of this fix the end-user will need to login using a username in the form DOMAIN\UserID, if NTLM is used with Custom or Alternate Login Page.

          To implement this update and ensure that the combination of NTLM/custom login page/alternate login page is correctly secured please ensure that the following are implemented:

          -Install SSL if not already installed. The fix for this combination involves transmission of user credentials using clear text via HTTP Form standard.

          - If you use Alternate login in v11SR1, the pagename is Login2.htm. After upgrade to v11SR2 the pagename is FormLogin.htm. In QMC\System\Setup\QVWS resource\Authentication tab, click Apply and go to Access Point again, the link is correctly changed to FormLogin.htm.

          For custom login page to work after the fix the following steps also needs to be followed to change the custom login page:

           In the custom form, ensure that the user name input field is named username

           In the custom form, ensure that the password input field is named password

           In the custom form, ensure that the Form method parameter is set to POST

           In the custom form, ensure that the Action parameter is set to /QvAJAXZfc/Authenticate.aspx?back=[URL TO LOGIN PAGE]

          A sample of this recommended implementation is shown below.

          <form action="/QvAJAXZfc/Authenticate.aspx?back=/qlikview/FormLogin.htm" m