3 Replies Latest reply on Mar 29, 2013 1:16 AM by Russell Christopher

    Trusted tickets with embedded views and the Browser Back button

    Zach Drew

      We have embedded views with trusted authentication working in a customer reporting portal.

       

      Since the tickets are one time use for retrieval of an embedded view, if the user hits the browser back button to look at a previous report, the tableau server issues an error retrieving unexpired ticket error.

       

      We came across this when we added a help doc to the portal that opened in the current window, when the user clicked the back button to get back to the portal this error showed up.  Refreshing the view resolves the issue because a new request and a new ticket are generated and redeemed, however this creates a usability issue for the end user when the browser caches the page locally.

       

      Since we can't control the browser settings, we can't think of a way to resolve this from our end.

       

      Is there anything we can configure in tableau?

        • 1. Re: Trusted tickets with embedded views and the Browser Back button
          Russell Christopher

          Hey Zach --

           

          This behavior is an unfortunate side effect of the fact that a ticket may only redeemed once. There is no way to tell Tableau that a ticket may be redeemed multiple times. In your shoes, I might consider utilizing some JavaScript or other code which executes each time the page is loaded - said code would dynamically update the ticket.

           

          Good luck!

          • 2. Re: Trusted tickets with embedded views and the Browser Back button
            Matthew McBride

            I have encountered the same issue upon page refresh.  I have an embedded view in a wordpress blog post for data analysts.  Having the ticket fail at every page refresh or navigation elsewhere obviously defeats the purpose of what we are trying to accomplish with trusted authentication.  I got around the issue by calling an external script that retrieves the ticket and writes the correct javascript to a text file.  From there I call this same script internally using exec() from functions.php, along with a programmatic post edit that accepts the text file as an argument.  Upon every refresh the script is recalled and the <value="ticket" param is updated.  Of course the exec approach poses security risks that one may not want to deal with, and in the event that you are supporting multiple views things can get messy.  But this is an approach none the less.  I would suggest installing active directory, and possibly using automatic login?

            • 3. Re: Trusted tickets with embedded views and the Browser Back button
              Russell Christopher

              Hi Matt -

               

              You'll find that this is no longer an issue in v8 - none of these "extra work" is necessary.

               

              The problem in v7 was that our JavaScript methods (refresh, filter, revert) ending up doing a GET to the server, and of course part of the GET was the already-redeemed trusted ticket.

               

              The new-and-improved API does away with GET and instead uses POSTs. Problem solved. Try it! I think you'll like it

               

              http://onlinehelp.tableausoftware.com/current/server/en-us/help.htm#js_api.htm