I am new to tableau. I have this complicated problem in our system, where I am trying to use trusted authentication to by-pass tableau login. We have installed Tableau server (ex: 1.2.3.4) and have added the webserver (ex:1.3.3.4) to its trusted hosts list. In order to connect to the servers, we use Cisco VPN our IP is dynamic. The tableau reports are to be integrated to a asp.net web application hosted in the webserver (1.3.3.4), which has an existing login mechanism. So, I would like to avoid/by-pass the tableau login. To achieve this, I am trying to use trusted authentication. When I tested this in the webserver (1.3.3.4) as mentioned in the link : http://kb.tableau.com/articles/knowledgebase/testing-trusted-authentication, it returns ticket value only when I send the client IP. But when I try to access the embedded tableau reports, I am unable to get the reports. Instead, I get "Could not locate unexpired trusted ticket" error. Also, I am unable to find ways to retrieve VPN IPs of the clients from my webserver. My requirement is to find a proper way to avoid tableau login (using trusted authentication) while embedding the reports in our asp.net web application. Is there any other possible way of implementing the same or am I missing something? Since I can't find any proper examples for the same, I am posting this question. Kindly provide me your valuable inputs in finding a suitable solution. Thanks in advance.
Asked
Active
Viewed 1,152 times
1
-
Not really an answer but a few pointers: you could use Wireshark or Fiddler to verify the IP addresses of requests made to the Tableau Server, maybe there is a way to configure Cisco VPN so the all requests coming through it are visible as originating from a given host name / IP address. – Wojtek Dec 16 '15 at 13:13
-
Thanks @Wojtek.. I ll try to learn more about those. But I want to get the client's VPN IP from web server, so that it can be sent to tableau server via request. – Vidhya Hari Dec 17 '15 at 08:00
-
Is sending clients IP address one of your requirements? I'm currently using trusted authentication without Client IP Matching and it works ok. As long as you have authentication mechanism in you web application sending client IP seems not necessary. Have you tested Trusted Authentication setup in a less complex environment? There can be several reasons for "unexpired ticket" error, e.g. not removing "sheets" part from content url used for embedding the report. – Wojtek Dec 17 '15 at 10:24
-
@Wojtek Thanks for your reply. I tried first without client IP matching but didn't work that way also. So, on seeing some posts, I enabled Client IP matching to true. Was not able to check in any other environment :( – Vidhya Hari Dec 21 '15 at 05:25
-
You can retrieve client IP in .net by analysing request headers in your web application and use this client IP in generating trusted ticket. Not sure if this is an option, but VPN configuration with specific IP seems like a solution. – Wojtek Dec 21 '15 at 10:01