Hey Dickson -
Essentially, you'll tell Tableau to "trust" the IP address or hostname of your SharePoint box. Then, you'll have code in your SharePoint page which grab the user's identity from TMG. That username will be sent to Tableau via an HTTP post.
Since you configured Tableau to "trust" the SharePoint IP, we'll respond with a ticket that can be redemeed to view content. All the detalls you need are behind the first link I pasted in.
FYI, there's also a sample SharePoint webpart that "does" trusted authentication in the /extras folder of your server. You could probably use it as a starting point - you'd rip out the bits user identity code that talk to AD and plug in new code that talks to TMG...
Hope this helps!
Thank you so much for the prompt response. Here is what my understand is, please feel free to correct me if I am wrong.
When user login from the Internet, they enter their AD username & password, which the TMG will do the authentication and pass the credential to the SharePoint, then by using the SharePoint webpart, Tableau will be able to get the credential from the SharePoint but not the TMG.
However, since the Tableau Server is located in the enterprise network, I still have to use the TMG to publish the Tableau Server such that it can be reachable when user accessing it by using Internet, right? Also, Tableau Server doesn't need to "trust" the TMG IP in the set up above, is that correct?
Once again, thank you so much.
Not sure what you mean by “TMG to publish the Tableau Server”. Can you explain?
If TMG needs some sort of “hooks” into Tableau Server for this work, I’m not sure where you go.