Wer in letzter Zeit demo.heldendaten.net besucht hat, dem ist vielleicht aufgefallen, dass QlikSense und QlikView sich nun eine gemeinsames Portal auf unserer Demoseite teilen. Für Details zur Installation und weiteren Erkenntnissen siehe den Artikel unterhalb - ausnahmsweise in Englisch!
![]()
The result should be a website, where a user can both access QlikSense and QlikView in a unified way. With a simple tab menu the user can switch between QlikSense Hub and QlikView Accesspoint.
![]()
As described here, there is a switch in the VMWare settings to run a nested virtual machine. As I found out, this seems to be only valid for 32-bit virtual machines. With this information it was clear to run QlikView within the 32-bit virtual machine, because QlikSense only supports 64bit environments and therefore needs to run directly in the Win2008 R2 64bit Amazon instance.
![http://www.adminhorror.com/2011/09/installing-and-running-virtual-machine_302.html]()
![]()
To make QlikView Accesspoint available on demo.heldendaten.net, follow these steps:
• Open "Virtual Network Editor" on Amazon Instance
• Add a "NAT Setting" to map port 80 to the virtual machine's port 80 on 192.168.22.128
![]()
3.2.1 QlikView Server
In the QMC "Servers|Security" define "Allow anonymous"
![]()
3.2.2 QlikView Web Server
In QMC "Web Servers" define "Authentication = Login"
![]()
3.2.3 NTFS file rights
Assign anonymous user "read" writes to public .qvws
![]()
As we don't have a SSL certificate available for demo.heldendaten.net, we allowed "http". This should never be done in a real world deployment, as critical data is send unsecured over the network. Port was changed to 8080. This was necessary to not overlap with the NAT-Port80 configuration of QlikView.
![]()
4.1.2 Allow Anoynmous Access
As demo.heldendaten.net should be accessible for everybody, anonymous access needs to be enabled.
![]()
4.1.3 Websocket white list
To allow websocket communication between the user's browser and QlikSense, we need to whitelist the websocket origin. Add "demo.heldendaten.net" here.
![]()
https://github.com/seebach/it.QlikPortal/tree/master
Files are installed into the 32bit virtual machine C:\QlikViewSenseWebpage
Modify the index.htm and tab.htm to point to the correct addresses.
![]()
![]()
The resulting QlikPortal on http://demo.heldendaten.net is shown below. The first tab shows the QlikSense hub, the second tab shows the Qlikview Accesspoint.
![]()
Port 80 --> Access QlikView Accesspoint
Port 8080 --> Access QlikSense hub/QMC
Port 4248 --> Authentication Port for QlikSense (authenticated access)
![]()
1) Create Custom Property "Company"
![]()
2) Assign the Custom Property to all relevant users
![]()
3) Define Stream security rule
![]()
4) This results in the following hub for a authenticated user.
![]()
![]()
2) Resulting in the following hub for any anonymous user
![]()
1 Overview
QlikView Server 11.20SR9 and QlikSense Server 1.0.2 are not allowed to run both on the same machine. As we want a single entry point http://demo.heldendaten.net on our Amazon EC2 Cloud Instance (and want to avoid the costs of running two separate machines), we came up with the following deployment scenario.
The result should be a website, where a user can both access QlikSense and QlikView in a unified way. With a simple tab menu the user can switch between QlikSense Hub and QlikView Accesspoint.
2 VMWare in Amazon Instance
2.1 VMWare in VMWare
As Amazon EC2 instances are virtual machines itself, it's not easily possible to run another virtual machine within the virtual machine.As described here, there is a switch in the VMWare settings to run a nested virtual machine. As I found out, this seems to be only valid for 32-bit virtual machines. With this information it was clear to run QlikView within the 32-bit virtual machine, because QlikSense only supports 64bit environments and therefore needs to run directly in the Win2008 R2 64bit Amazon instance.
2.2 VMWare Player
I installed different versions of VMware into the Amazon instance, but in the end I run the virtual machine via VMWare Player 6. That's not very elegant (virtual machine does not restart automatically when the Amazon instance reboots), but should be good enough for the demo environment.3 QlikView Server
QlikView Server is a standard installation into the 32 bit virtual machine. Below you find the modification that were done.3.1 NAT Configuration
The virtual machine is configured to use NAT. From within the Amazon instance the virtual machine is reachable on 192.168.22.128
To make QlikView Accesspoint available on demo.heldendaten.net, follow these steps:
• Open "Virtual Network Editor" on Amazon Instance
• Add a "NAT Setting" to map port 80 to the virtual machine's port 80 on 192.168.22.128
3.2 Anonymous Access
To allow anonymous access on the QlikView Accesspoint portal, Session CALs are needed. Additionally the following settings were done to allow anonymous Access.3.2.1 QlikView Server
In the QMC "Servers|Security" define "Allow anonymous"
In QMC "Web Servers" define "Authentication = Login"
3.2.3 NTFS file rights
Assign anonymous user "read" writes to public .qvws
4 QlikSense Configuration
The current QlikSense installation is a simple, single-node installation. The following configurations were done to allow anonymous (as well as authenticated) users in the environment.4.1 Proxy Config
4.1.1 http accessAs we don't have a SSL certificate available for demo.heldendaten.net, we allowed "http". This should never be done in a real world deployment, as critical data is send unsecured over the network. Port was changed to 8080. This was necessary to not overlap with the NAT-Port80 configuration of QlikView.
4.1.2 Allow Anoynmous Access
As demo.heldendaten.net should be accessible for everybody, anonymous access needs to be enabled.
To allow websocket communication between the user's browser and QlikSense, we need to whitelist the websocket origin. Add "demo.heldendaten.net" here.
5 Unified QlikPortal
5.1 QlikPortal
To allow a "unified" portal for QlikSense and QlikView we used the following github projecthttps://github.com/seebach/it.QlikPortal/tree/master
Files are installed into the 32bit virtual machine C:\QlikViewSenseWebpage
Modify the index.htm and tab.htm to point to the correct addresses.
5.2 Mount Portal
To host the portal in the QlikView Webserver add the following empty root folder via QMC
The resulting QlikPortal on http://demo.heldendaten.net is shown below. The first tab shows the QlikSense hub, the second tab shows the Qlikview Accesspoint.
6 Amazon Security Group
To allow access to the QlikSense and QlikView services, one must add the following Firewall rules in the AWS-console:Port 80 --> Access QlikView Accesspoint
Port 8080 --> Access QlikSense hub/QMC
Port 4248 --> Authentication Port for QlikSense (authenticated access)
7 QMC Setup
7.1 Licenses
User Access passes were assigned to 6 heavy users. 90 Tokens are assigned to anonymous users resulting to 900 access passes in 28 days.
7.2 Streams
7.2.1 heldendaten internal - only visible for authenticated user
The stream "heldendaten internal" is only visible to our internal users. As no Active Directory is available on the amazon instance, we used Custom Properties to simulate group membership.1) Create Custom Property "Company"
2) Assign the Custom Property to all relevant users
3) Define Stream security rule
4) This results in the following hub for a authenticated user.
7.2.2 Visualizations - accessible for everyone stream
1) The following rule was defined to make the stream visible for both anonymous and internal users.
2) Resulting in the following hub for any anonymous user
