1 of 1 people found this helpful
Hey Ryan -
There really isn't a way to get at the thumbnail/preview without logging in. As silly as it sounds, even the thumnail image could show sensitive stuff (trends) that you don't want anyone to see unless they've authenticated.
The samples in C:\Program Files (x86)\Tableau\Tableau Server\7.0\extras\embedding\sharepoint has some C# code to grab a trusted ticket. You don't care about the SharePoint related-code, of course...but the "core" code is something you should be able to re-purpose.
Once you have a ticket, you can use it to grab the thumnail:
http://tableau-server/trusted/<ticket goes here>/thumb/views/workbook-name/view-name
I think you need one ticket-per-request, but not positive. I'd suggest you actually store the previews outside of Tableau so you don't have to do this over and over again....
Hope this helps!
We've been using Trusted Auth tickets to preview thumbs for over 3 years now.
All of a sudden we are getting 401 errors for the thumbnails. The admin guide says to make sure "Enable Automatic login" is turned off when using TA so I've verified that we have that unchecked in the server configuration.
The weird part is, in some browsers the thumbnails are coming in just fine, while others are not (IE 10, and Edge) and sometimes restarting the server will fix the issue for a few hours. Meanwhile, trusted authentication is working perfectly for actually loading the viz. Just the thumbnail urls have the issue.
I've noticed this issue in 9.0.3 and 9.0.5. Any ideas? Thanks.
Heya Corey -
I admittedly haven't been keeping a close eye on this stuff as of late, but no - it's business as usual as far as I know.
First thing I'd do is make sure your "troubled browsers" don't have any ad / privacy blockers enabled. If you can get a fairly dependable repro just by plugging a ticket into the URL which requests a thumb, then I'd open up a case. Keep the trouble statement as clear as possible - don't bring custom apps or integration into the mix. Simply say, "this URL used to work in browser XYZ, now it doesn't".
Thanks for the quick response Russell. I'll get a case opened up.
The change in Tableau Server 9.0 is intentional. Trusted tickets are only intended to be used for interactive views, the following are examples of content that should not be accessible via trusted tickets:
URLs for static content (thumbnails, PDFs, PNGs, etc) - technically these endpoints are there for use by Tableau Server internal calls and tabcmd and not meant to be accessed directly by users.
You could use the REST API to get thumbnails:
Or, tabcmd get/export could be used to get a full size PNG that could be scaled down in a graphics editor:
Thanks for helping out...
I was afraid that this was going to be the response. So how come the images sometimes work? Especially after a server restart?
If I had to guess, you probably turned on unrestricted Trusted Tickets in 8.x to allow access to this URL?
And some browsers are retaining the session cookie and others aren't?
Those are just guesses, but it makes sense.
A Server restart shouldn't have any bearing on the behavior though....short of killing all old sessions so your code is forced to request a new ticket. (The code should be requesting a new ticket for every view it requests, it's a one-to-one ratio - the only way around this is the unrestricted tickets setting that has security implications of its own).
I just checked our configuration and we had wgserver.unrestricted_ticket set to false.
BUT, enabling this setting allows for a short term workaround for us until we can use the rest api or tabcmd. Seems like there may be an issue with TS still allowing access to thumbnails via tickets with the unrestricted_ticket set to false.