Qlikview in iframe - log in from different domain without asking for credentials

Question

I have to show qlikview document in ASP MVC application, and I have used iframe to do this. But, every time user opens this page it is being asked for credentials for qlikview server (windows security dialog), because qlikview server is not in the same domain. When these credentials are typed in, everything works fine.

Now I have to make this log in automatic, without dialog appearing (I know credentials for each user). I tried to do this by passing username and password through URL following way:

http://username:password@qvserver.com

This works fine in Chrome, but I have to allow it in Internet Explorer 9 also. I have changed proper registry keys as suggested here http://support.microsoft.com/kb/834489, in order to enable this functionality in IE.

But now, when I open page in IE, with iframe which has src attribute URL with embedded username and password, Qlikview accesspoint is shown, but user is never authenticated. Accesspoint is stuck on loading content.

Did anyone had the same problem? Is there another way to do this? Please help!

Answer 1

I'm pretty sure there is no secure way to do a relogin using a iframe.

You could however install the QlikView Web Server componnet on the other server, and use it as a alternate proxy to the QlikView Server on the other domain. This is QlikView recommended way to circumvent any cross site scripting.

The procedure would be: Install QlikView Web Server on server B, then use the QMC on server A to configure it. Remember to use the same service account on both servers.

You're other option would be to create a trust between the 2 domains, which would allow SSO between them.