Check this thread:Tableau server access for Internal and external users
1 of 1 people found this helpful
Hi MULLA BAJEE VALI,
Tharashasank Davuluru You are right..and i am giving a live example here..
We use Webseal for providing access to our external users.
What it will do is, When you login to your portal the IDM will send communication to both your Webseal, your Tableau Server and get authenticated.
If you are good then a valid session will be established to both your portal and the Tableau server.
Now, you can access the reports from your Tableau server by using your Tableau API's and show them as iFrames in the portal or you can embed them in to your web portal.
Tableau Newbie here; How do you control the data so these external users only see information relevant to them?
To be more specific, our users (1000+) log into our external website, we will present a dashboard to them that is filtered with only their information. Our Tableau server uses LDAP for authentication but none of these external users will be on LDAP. Do we pass a username that corresponds to a generic LDAP userID and then control the data with a filter?
Looking for suggestions...
We have integrated backend application called “Tableau Server” with WebSEAL and enabled form based authentication in Non-Prod environment. In our landscape, the customer requirement is just to implement form based authentication for the users who are accessing Tableau Server from external network. So we have enabled form based authentication for those users who try to access the Teblau Server from internet , that mean the users who are outside or not in customer network should able to SSO/authenticated from WebSEAL to Tableau Server (Backend Application) via form based authentication.
In order to accomplish this integration, We have created junction root “/” on WebSEAL and established a connection with backend application (Tableau Server), junction is up and running,
We have map dns entry URL on junction called https://analytics.qa.fonterra.com from actual hostname of tableau, When we hit this URL it goes to WebSEAL and sending a login page for the user. After providing user id and password on the loge page, request went to backend application and response to the browser page throws an error sign in failed and WebSEAL debug getting an error 500 “internal server error” and HTTP/1.1 401 Unauthorized. In actually backend application (Tableau Server) is up and running and successfully accessible directly from URL.
could could you please suggest which type of junction you used in your landscape? we tried standered and virtual host junction both the types but the outcome is same with the errors. if there is possibility would you please suggest which document you have used for WebSEAL and Tableau server integration.
I think I know the answer to this, but I am curious. Since these are "External" users, I am assuming that some segment of Tableau is internet exposed. Is that correct?
Were you able to resolve this issue ?
I mean can you login to your tableau server now from your tableau app ? Can you please help ,we are using the exact configuration you are using webseal .
Do you know how tableau application can be granted access externally ? Can you please share any useful references ,we recently implemented SAML and finding it hard to access application externally.
1 of 1 people found this helpful
No, no part of Tableau Server is or should be directly exposed to the internet.
The usual recommended approach is a reverse proxy setup on your external firewall. Tableau Server should never be installed in a DMZ, as the server MUST hold the data that is being used to generate the visualizations. The Server should be on the internal network only.
We were able to achieve SAML with F5 Load balancer and used IBM Webseal servers to configure junction to be able to access servers outside the network.
Thank you !