如何实施Tableau可信认证? [英] How to implement Tableau Trusted Authentication?
问题描述
1)在查看Web应用程序中的嵌入式仪表板时,提示用户登录Tableau。
2)如果关闭浏览器,请启动其他浏览器会话,或者让Tableau cookie过期,将提示他们再次登录。
3)在一天中,当您尝试查看时,可能会多次提示您登录仪表板。
Tableau提供了一种称为可信身份验证的解决方案,该解决方案绕过了手动登录过程。经过一周的调试和故障排除,我能够完成此任务。我在Stackoverflow上找不到任何解决方案,所以我想分享我如何实现这一目标的知识,以希望对其他人有所帮助。
链接到Tableau的
有关如何实现受信任的高级视图身份验证
1)Tableau服务器必须具有 wgserver.trusted_hosts 文件的条目,该条目应带有Web应用程序的主机名
2)传递了三个重要参数:
username 212456449
服务器http:// [服务器]
target_site YourTargetSiteName
3)如果HTTP POST请求有效并且用户具有正确的Tableau许可证,Tableau将创建48个唯一字符的票证,该票证仅在3分钟内有效。
4)我在Tableau赎回之前以编程方式将48个唯一字符的票添加到嵌入式JavaScript中。
代码在我的代码中的工作方式网络应用
我创建了一个TrustedAuth类,其中包含两种方法: requestTicket()和 addTicket()。 requestTicket()是一种异步方法,它采用三个必需参数(sso,服务器,站点)。 HTTP POST被触发并等待响应。如果Tableau响应为-1,则HTTP握手失败或用户无效。如果有效,则响应将是一个48个字符的加密字符串。
addTicket()是一种同步方法,它采用两个参数(票证,reportLink)。此方法获取48个字符的加密票证,并将其附加到嵌入式JavaScript(reportLink)。
Web应用程序向Tableau发送一个包含嵌入式JavaScript的HTTP GET请求。 (reportLink)和加密的票证。 Tableau Server兑换票证,创建会话,登录用户,不显示登录提示
TrustedAuth类
公共类TrustedAuth
{
public async Task< string> requestTicket(int sso,字符串服务器,字符串站点)
{
try
{
//分配参数和值
var values = new List< KeyValuePair< string,字符串>>();
values.Add(新的KeyValuePair< string,string>(用户名,sso.ToString()));
values.Add(新的KeyValuePair< string,string>( target_site,site));
// Web应用程序是HTTP,Tableau是HTTPS,存在认证问题。我需要伪造证书,然后将它们返回为真实。
System.Net.ServicePointManager.ServerCertificateValidationCallback =(senderX,证书,链,sslPolicyErrors)=> {返回true; };
//实例化HttpClient类
var client = new HttpClient();
//对内容
进行编码var req = new HttpRequestMessage(HttpMethod.Post,server){Content = new FormUrlEncodedContent(values)};
// POST请求
var res =等待客户端。SendAsync(req);
//获取响应值
var responseString =等待res.Content.ReadAsStringAsync();
返回responseString;
}
捕获(异常e)
{
System.IO.File.AppendAllText(@ c:\inetpub\wwwroot\WebApplication\ TrustedAuthError.txt, :::错误::: + System.DateTime.Today.ToString()+ ::: + e.ToString()+ Environment.NewLine);
//添加Log4Net日志记录
}
返回 -1;
}
public string addTicket(string ticket,string reportLink)
{
//添加具有工单值的工单参数。我正在使用< / object>作为查找和替换
字符串的关键字,添加了Ticket = reportLink.Replace(< / object>,< param name ='ticket'value =' +票+'/>< / object>);
返回机票已添加;
}
}
仪表板控制器
公共异步任务< ActionResult>仪表板(int Report_Num)
{
// db将是存储Report_Link的数据库模型
Report_Completion_Status_NEW report_Completion_Status = db.Report_Completion_Status_NEW.Find(Report_Num);
if(report_Completion_Status == null)
{
return HttpNotFound();
}
var ticket =;
//获取受信任的Tableau身份验证票
try
{
//出于示例目的,我为示例_trustedAuth.requestTicket硬编码了Tableau Server名称和站点名称方法。在我的实际代码中,我将它们存储在web.config中。
票=等待_trustedAuth.requestTicket(b.getSSO(User.Identity.Name), https://ProdTableauUrlGoesHere.com/trusted, YourTargetSiteNameHere);
}
catch
{
ticket = -1;
}
//仅添加受信任的Tableau身份验证票证(如果有效),否则将用户踢到默认的Report_Link,这将使他们手动登录。
//如果传入'-1'
if(!ticket.Equals(-1))
{
ViewBag.Link = _trustedAuth.addTicket(ticket.ToString(),report_Completion_Status.Report_Link);
}
其他
{
ViewBag.Link = report_Completion_Status.Report_Link;
}
var model = await this.GetFullAndPartialViewModel(Report_Num);
返回this.View(model);
}
已插入票证参数的新嵌入式JavaScript(reportLink)
仪表板视图
@model WebReportingToolDAL.Models.ViewModels.ReportCategoryListModel
@ {
ViewBag.Title =仪表板;
Layout =〜/ Views / Shared / _Layout.cshtml;
}
< body>
@ Html.Raw(ViewBag.Link)
< / body>
如果一切正常,您应该不再看到Tableau登录页面。
1) Users are prompted to login to Tableau when viewing an embedded dashboard within a web application.
2) If they close their browser, start a different browser session, or let the Tableau cookie expire, they will be prompted to login again.
3) Throughout the day, you could potentially be prompted to login multiple times when trying to view dashboards. This quickly becomes annoying and tiresome.
Tableau offers a solution called "Trusted Authentication" which bypasses the manual login process. After a week of debugging and troubleshooting, I was able to accomplish this. I could not find any solutions on Stackoverflow, so I wanted to share my knowledge on how I accomplished this in hope to help others.
Link to Tableau's How Trusted Authentication Works
High Level View on how I implemented Trusted Authentication
1) Tableau server must have an entry to the wgserver.trusted_hosts file with the hostname of your web application for any of this to work.
2) Three important parameters are passed:
username 212456449
server http://[server]
target_site YourTargetSiteName
3) If the HTTP POST request is valid and the user has the correct Tableau license, Tableau creates a 48 unique character ticket that is only valid for 3 minutes.
4) I programmatically add the 48 unique character ticket into the embedded JavaScript right before Tableau redeems it.
How the code works in my web applicatin
I created a TrustedAuth class that contains two methods: requestTicket() and addTicket(). requestTicket() is an Asynchronous method that takes the three required parameters (sso, server, site). The HTTP POST is fired off and awaits a response. If Tableau response is a -1 , HTTP handshake has failed or the user is invalid. If valid, response will be a 48-character encrypted string.
addTicket() is a Synchronous method that takes two parameters (ticket, reportLink). This method takes the 48-character encrypted ticket and appends it to the embedded JavaScript (reportLink).
The web application sends a HTTP GET request to Tableau that includes the embedded JavaScript (reportLink) with the encrypted ticket. Tableau Server redeems the ticket, creates a session, logs the user in, no login prompt dispalyed
TrustedAuth Class
public class TrustedAuth
{
public async Task<string> requestTicket(int sso, string server, string site)
{
try
{
//Assign parameters and values
var values = new List<KeyValuePair<string, string>>();
values.Add(new KeyValuePair<string, string>("username", sso.ToString()));
values.Add(new KeyValuePair<string, string>("target_site", site));
//Web Application is HTTP and Tableau is HTTPS, there are certification issues. I need to fake the certs out and return them as true.
System.Net.ServicePointManager.ServerCertificateValidationCallback = (senderX, certificate, chain, sslPolicyErrors) => { return true; };
//Instantiate HttpClient class
var client = new HttpClient();
//Encode Content
var req = new HttpRequestMessage(HttpMethod.Post, server) { Content = new FormUrlEncodedContent(values) };
//POST request
var res = await client.SendAsync(req);
//Get response value
var responseString = await res.Content.ReadAsStringAsync();
return responseString;
}
catch (Exception e)
{
System.IO.File.AppendAllText(@"c:\inetpub\wwwroot\WebApplication\TrustedAuthError.txt", ":::ERROR::: " + System.DateTime.Today.ToString() + ":::" + e.ToString() + Environment.NewLine);
//Add Log4Net logging
}
return "-1";
}
public string addTicket(string ticket, string reportLink)
{
//Add ticket parameter with ticket value. I'm using </object> as my keyword to find and replace
string addedTicket = reportLink.Replace("</object>", "<param name='ticket' value='" + ticket + "' /></object>");
return addedTicket;
}
}
Dashboard Controller
public async Task<ActionResult> Dashboard(int Report_Num)
{
//db will be your database model where your Report_Link is stored
Report_Completion_Status_NEW report_Completion_Status = db.Report_Completion_Status_NEW.Find(Report_Num);
if (report_Completion_Status == null)
{
return HttpNotFound();
}
var ticket = "";
//Get Trusted Tableau Authentication Ticket
try
{
//For example purposes, I'm hard-coding the Tableau Server Name and Site Name for the example _trustedAuth.requestTicket method. In my actual code, I'm storing these in my web.config.
ticket = await _trustedAuth.requestTicket(b.getSSO(User.Identity.Name), "https://ProdTableauUrlGoesHere.com/trusted", "YourTargetSiteNameHere");
}
catch
{
ticket = "-1";
}
//Only add trusted Tableau Authentication ticket if it's valid, else kick user to default Report_Link which will make them login manually.
//You get a nasty error message if you pass in a '-1'
if (!ticket.Equals("-1"))
{
ViewBag.Link = _trustedAuth.addTicket(ticket.ToString(), report_Completion_Status.Report_Link);
}
else
{
ViewBag.Link = report_Completion_Status.Report_Link;
}
var model = await this.GetFullAndPartialViewModel(Report_Num);
return this.View(model);
}
New Embedded JavaScript (reportLink) with ticket parameter inserted
Dashboard View
@model WebReportingToolDAL.Models.ViewModels.ReportCategoryListModel
@{
ViewBag.Title = "Dashboard";
Layout = "~/Views/Shared/_Layout.cshtml";
}
<body>
@Html.Raw(ViewBag.Link)
</body>
If all works, you should no longer see the Tableau Login Page.
这篇关于如何实施Tableau可信认证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
