by Imtiyaz Basha
Tableau - Trusted Authentication & Integration with Oracle Business Intelligence Enterprise Edition (OBIEE)
What is Trusted Authentication?
Trusted authentication simply means that you have set up a trusted relationship between a Tableau Server and one or more web servers. When a Tableau Server receives requests from these trusted web servers it assumes that your web server has handled the entire authentication process.
Step-by-Step Tableau Trusted Authentication
- Users hit the webpage
- Web server POSTS to Tableau Server
- Tableau Server creates a ticket
- Web server passes the URL to the browser
- Browser requests view from Tableau Server
- Tableau Server redeems the ticket
Configuring Tableau Server
We have to configure the Tableau Server to recognize the web servers from which requests are originated. Tableau configuration can be done by using Tabadmin.
- Open a command prompt and navigate to the Tableau Server bin directory. Usually it is at following path C:\Program Files (x86)\Tableau\Tableau Server\7.0\bin
- Run the following command:
Syntax : tabadmin set wgserver.trusted_hosts "<Trusted IP Addresses>". Example: tabadmin set wgserver.trusted_hosts “xxx.xxx.xxx.xxx"
TIP: Use comma (,) if you have multiple requests to add.
- Restart the Tableau Server, use following command: tabadmin restart
Write Program To Obtain Ticket From Tableau Server
Tableau has provided code samples for placement on a web server which will get an authentication ticket from the Tableau server. This can found in the following directory.
C:\Program Files (x86)\Tableau\Tableau Server\7.0\extras\embedding
Request Parameters
- Username = the username for a licensed Tableau Server user.
- target_site = the value you use for <site id> should be the site’s Web Folder name.
- client_ip = IP address of the computer whose web browser is accessing the view
The sample program below has been used to integrate Tableau with Oracle Business Intelligence Enterprise Edition (OBIEE).
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLEncoder;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class TableauKey extends HttpServlet{
private static final long serialVersionUID = 1L;
public TableauKey() {
super();
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
final String user =request.getParameter("user");
final String wgserver =request.getParameter("wgserver");
String ticket = "";
PrintWriter out = response.getWriter();
try{
ticket = getTrustedTicket(wgserver, user, request.getRemoteAddr());
if ( !ticket.equals("-1") ) {
out.println(""+ticket);
}
else{
out.println("-1");
}
}catch(Exception e){
out.println("Exception Occured : "+ e.getStackTrace().hashCode());
}
}
private String getTrustedTicket(String wgserver, String user, String remoteAddr) throws ServletException
{
OutputStreamWriter out = null;
BufferedReader in = null;
try {
StringBuffer data = new StringBuffer();
data.append(URLEncoder.encode("username", "UTF-8"));
data.append("=");
data.append(URLEncoder.encode(user, "UTF-8"));
data.append("&");
data.append(URLEncoder.encode("client_ip", "UTF-8"));
data.append("=");
data.append(URLEncoder.encode(remoteAddr, "UTF-8"));
URL url = new URL("http://" + wgserver + "/trusted");
URLConnection conn = url.openConnection();
conn.setDoOutput(true);
out = new OutputStreamWriter(conn.getOutputStream());
out.write(data.toString());
out.flush();
StringBuffer rsp = new StringBuffer();
in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String line;
while ( (line = in.readLine()) != null) {
rsp.append(line);
}
return rsp.toString();
} catch (Exception e) {
throw new ServletException(e);
}
finally {
try {
if (in != null) in.close();
if (out != null) out.close();
}
catch (IOException e) {}
}
}
}
Displaying The Tableau View
Once we get the ticket from the Tableau Server we have to use the following information to display the view. The URL to the view / workbook must be follow the syntax below:
http://tabserver/trusted/<ticket>/views/<workbook>/<view>
The above URL is for a Tableau server which has single site, for multiple sites use the following syntax:
http://tabserver/trusted/<ticket>/t/Sales/views/<workbook>/<view>
Completing The Integration with OBIEE
Once the OBIEE Server IP Address is added to the list of trusted systems in Tableau, the request can be sent to get the ticket from Weblogic Server. The key which the Tableau Server sends to the OBIEE Server can also be used to fetch and show the views from the Tableau Server directly via a browser.
- Request to OBIEE Server for a dashboard.
- Dashboard to delivered to client browser.
- Custom service to Weblogic Server for API key request.
- Requesting to Tableau Server for key (with required parameters).
- Tableau Server returns a response to the Key Provider
- Custom service passes the key to the web browser.
- Web browser creates the custom URL and makes direct request to Tableau Server for desired view(s).
Tableau Inside OBIEE
The sample code snippet below has been used on a Oracle Business Intelligence Enterprise Edition (OBIEE) dasboard page to load a Tableau view.
<iframe id="frame" width="1000px" height="400px"></iframe><script src="http://code.jquery.com/jquery-1.11.0.min.js"></script><script>var user = "<mailid@mailprovider.com>";var wgserver = "<ipaddress>:<port>";var key = "";var tableauServer = "http://<ipaddress>:<port>/trusted/";var viewName = "/views/workbook/SheetName";var params = "?:embed=yes&:toolbar=no&:tabs=no&:customViews=no";var keyURL = "http://<ipaddress>:<port>//<WebApp>/getKey?wgserver="+wgserver+"&user="+user;$( document ).ready(function(){ key = ""; var jqxhr = $.get(keyURL, function(data ){ key = data; //console.log(key) }) .done(function(data) { key = data; console.log( tableauServer+key+viewName+params); $("#frame").attr("src", tableauServer+key+viewName+params); }) .fail(function(data ) { console.log( data ); }) .always(function() { console.log( "finished" ); }); });</script>
Imtiyaz Basha is a Business Intelligence Consultant at KPI Partners and works with the expert team within the KPI Partners Offshore Technology Center. He is an Oracle Certified Professional whose areas of professional focus also include Hadoop, Java, and Data Science. Check out Imtiyaz's blog at KPIPartners.com. |