Originally used for authentication and negotiation of secure DCE/RPC, NTLM is also used throughout Microsoft's systems as an integrated single sign-on mechanism.

validating user via ntlm-11validating user via ntlm-18

Qlik View provides a third method for single sign-on, Custom Ticket Exchange (CTE), when neither of the methods described above is suitable.

CTE relies on the user having authenticated previously to another system: Ticketed authentication is mainly applicable when embedding Qlik View content in third-party applications and portals, and is rarely used for providing general access to Qlik View.

Although Qlik View can be configured to allow anonymous access, the majority of implementations require users to be authenticated.

In such environments, Qlik View always requires that the user is authenticated when establishing a session via Qlik View Server (either through a browser or when downloading and opening a document via the Qlik View Desktop client).

In the Qlik View context, the authentication of a user is almost always done against an external entity that is then used to pass the externally authenticated user identity to Qlik View Server.

In such a scenario, Qlik View relies on the authentication to be performed prior to accessing Qlik View, and that some token of identity is transmitted to, and trusted by, Qlik View.

Typically a small amount of custom development is needed to implement the request and passing of the ticket for the CTE method to work.

The three methods described above all use a single sign-on principle, where the user ID and password are stored externally to Qlik View Server and an external entity is responsible for the authentication.

Less common, although possible, is the ability to store the user credentials in the Qlik View Server environment using the Custom Users functionality in Qlik View Publisher.

In this case, users and passwords are defined and stored within the Qlik View environment and the web tier of the Qlik View deployment is responsible for forms authentication.

This solution is suitable for smaller, standalone Qlik View Server deployments, and must not be used in environments where the user definitions are to be available to multiple systems.