QlikView has had a Custom Ticket Exchange (CTE) mechanism since Version 9. Prior to Version 11, this mechanism was run by executing a COM call on the QlikView Server and retrieving a time-limited ticket. By attaching the ticket to the URL used to open a document, it identified the user to QlikView Server. There was a limitation in that the ticket could only authenticate a user to one document (using the qvajaxzfc/opendoc.htm
page).
Since Version 11.0, a new mechanism has been introduced whereby, a ticket is obtained by making a web service call to the QlikView Server. This ticket can now be used to authenticate the user not to individual files but to AccessPoint.
The use case would be that a trusted server would authenticate the user (for example, via LDAP, Oracle SSO, and so on), make a request to the QlikView Web Server, obtain a ticket, and then redirect the user to the QlikView Web Server with the ticket encoded in the URL.
The trust mechanism is simply based...