问题
1) Users are prompted to login to Tableau when viewing an embedded dashboard within a web application.
2) If they close their browser, start a different browser session, or let the Tableau cookie expire, they will be prompted to login again.
3) Throughout the day, you could potentially be prompted to login multiple times when trying to view dashboards. This quickly becomes annoying and tiresome.
Tableau offers a solution called "Trusted Authentication" which bypasses the manual login process. After a week of debugging and troubleshooting, I was able to accomplish this. I could not find any solutions on Stackoverflow, so I wanted to share my knowledge on how I accomplished this in hope to help others.
回答1:
Link to Tableau's How Trusted Authentication Works
High Level View on how I implemented Trusted Authentication
1) Tableau server must have an entry to the wgserver.trusted_hosts file with the hostname of your web application for any of this to work.
2) Three important parameters are passed:
username 212456449
server http://[server]
target_site YourTargetSiteName
3) If the HTTP POST request is valid and the user has the correct Tableau license, Tableau creates a 48 unique character ticket that is only valid for 3 minutes.
4) I programmatically add the 48 unique character ticket into the embedded JavaScript right before Tableau redeems it.
How the code works in my web applicatin
I created a TrustedAuth class that contains two methods: requestTicket() and addTicket(). requestTicket() is an Asynchronous method that takes the three required parameters (sso, server, site). The HTTP POST is fired off and awaits a response. If Tableau response is a -1 , HTTP handshake has failed or the user is invalid. If valid, response will be a 48-character encrypted string.
addTicket() is a Synchronous method that takes two parameters (ticket, reportLink). This method takes the 48-character encrypted ticket and appends it to the embedded JavaScript (reportLink).
The web application sends a HTTP GET request to Tableau that includes the embedded JavaScript (reportLink) with the encrypted ticket. Tableau Server redeems the ticket, creates a session, logs the user in, no login prompt dispalyed
TrustedAuth Class
public class TrustedAuth
{
public async Task<string> requestTicket(int sso, string server, string site)
{
try
{
//Assign parameters and values
var values = new List<KeyValuePair<string, string>>();
values.Add(new KeyValuePair<string, string>("username", sso.ToString()));
values.Add(new KeyValuePair<string, string>("target_site", site));
//Web Application is HTTP and Tableau is HTTPS, there are certification issues. I need to fake the certs out and return them as true.
System.Net.ServicePointManager.ServerCertificateValidationCallback = (senderX, certificate, chain, sslPolicyErrors) => { return true; };
//Instantiate HttpClient class
var client = new HttpClient();
//Encode Content
var req = new HttpRequestMessage(HttpMethod.Post, server) { Content = new FormUrlEncodedContent(values) };
//POST request
var res = await client.SendAsync(req);
//Get response value
var responseString = await res.Content.ReadAsStringAsync();
return responseString;
}
catch (Exception e)
{
System.IO.File.AppendAllText(@"c:\inetpub\wwwroot\WebApplication\TrustedAuthError.txt", ":::ERROR::: " + System.DateTime.Today.ToString() + ":::" + e.ToString() + Environment.NewLine);
//Add Log4Net logging
}
return "-1";
}
public string addTicket(string ticket, string reportLink)
{
//Add ticket parameter with ticket value. I'm using </object> as my keyword to find and replace
string addedTicket = reportLink.Replace("</object>", "<param name='ticket' value='" + ticket + "' /></object>");
return addedTicket;
}
}
Dashboard Controller
public async Task<ActionResult> Dashboard(int Report_Num)
{
var ticket = "";
//Get Trusted Tableau Authentication Ticket
try
{
ticket = await _trustedAuth.requestTicket(b.getSSO(User.Identity.Name), ConfigurationManager.AppSettings["TrustedAuthTableauServer"], ConfigurationManager.AppSettings["TrustedAuthSiteName"]);
}
catch
{
ticket = "-1";
}
//Only add trusted Tableau Authentication ticket if it's valid, else kick user to default Report_Link which will make them login manually.
//You get a nasty error message if you pass in a '-1'
if (!ticket.Equals("-1"))
{
ViewBag.Link = _trustedAuth.addTicket(ticket.ToString(), report_Completion_Status.Report_Link);
}
else
{
ViewBag.Link = report_Completion_Status.Report_Link;
}
var model = await this.GetFullAndPartialViewModel(Report_Num);
return this.View(model);
}
New Embedded JavaScript (reportLink) with ticket parameter inserted
Dashboard View
@model WebReportingToolDAL.Models.ViewModels.ReportCategoryListModel
@{
ViewBag.Title = "Dashboard";
Layout = "~/Views/Shared/_Layout.cshtml";
}
<body>
@Html.Raw(ViewBag.Link)
</body>
If all works, you should no longer see the Tableau Login Page.
来源:https://stackoverflow.com/questions/53192718/how-to-implement-tableau-trusted-authentication