3 Replies Latest reply on Mar 1, 2012 1:06 PM by Russell Christopher

    Row level security using Odata

      Hi,

       

      Can someone help me understand the limits of caching Odata in Tableau Server?

       

      My company has a large, bespoke, security database, which stores all the security logic in Stored Procedures (i.e. pass in a Username which returns). Because Tableau can not query stored procedures, I thought I could connect Tableau to an OData Webservice that wraps a Stored Procedure.

       

      I have created an Odata web service to manage Row-Level security. The service relies on a user logging into it via Forms Based Authentication (a separate web page). Once the user has logged on, the Web Service will filter its results based on the user's identity. This works fine in Tableau Desktop, but does not work in Tableau Server.

       

      When I publish a Workbook to Tableau Server, the Server creates a cached version of the Odata results. Regardless of who runs the Report in Tableau Server, they see the same Odata results.

       

      Can someone please tell me if it is possible to turn-off caching of Odata results on Tableau Server?

       

      Does anyone have any other suggestions for managing security re-using Stored Procedures?

       

      Dave

        • 1. Re: Row level security using Odata
          Lu Sien Tan

          OData results are always cached by Tableau via an extract. That data will never change until a refresh is explicitly requested.

           

           

          To answer your question, turning off "caching" is not possible.

           

          If I understand this correctly, you want it so that every time a different person open that same workbook, the data will change according to the security settings you set via the wrapped procedure. I'm curious though, how you did you make it work with Tableau Desktop?

          1 of 1 people found this helpful
          • 2. Re: Row level security using Odata

            Thanks Lu, I guess OData is not our solution.

             

            We got the OData showing different results per user in Desktop by having the user log into a web page via IE, and then run the Workbook connected to the OData source. The OData source filtered the user's results based on who they logged in as on IE.

            • 3. Re: Row level security using Odata
              Russell Christopher

              Heya David -

               

              If you have Tableau Server available, you can implement a "row-level-ish" security via Tableau "User Filters"

               

              Essentially, a User Filter will present you with a list of Tableau Users and Groups, and then a list of dimension values for whatever dimension you're interested in (Example, for the "Pets" dimension, {Cats, Dogs, Elephants}. You can then choose which users / groups can see which pets.

               

              Once created, the user filter is dropped on the Filter shelf of Desktop just like any other filter, but it acts as a security filter vs. a simple way of showing/hiding data.

               

              Good luck!