0 Replies Latest reply on Dec 18, 2013 9:56 AM by Raghav Panchapakesan

    Tableau Setup for Trusted Authentication

    Raghav Panchapakesan



      I am new to Tableau and we recently implemented Tableau at work with the idea of viewing tableau views within the Salesforce.com (SFDC) portal itself. I know that Trusted Authentication is the way to go because we have all our users accessing SFDC outside the firewall and our Tableau implementation resides internally within our company firewall.


      I have a couple of questions with regard to the architecture to ensure we have trusted authentication working. We have a distributed environment where the gateway is on a separate box and rest of the necessary services (VizQL, Data and repository etc) are on separate boxes as well for availability.


      SFDC (cloud hosted external n/w) -> McAfee N/W Gateway (DMZ) -> Apache (to be configured as reverse proxy - internal n/w) -> Tableau Web Gateway (internal n/w) -> Rest of Tableau boxes (internal n/w). Our corporate security policies do not allow us to have Apache on the DMZ configured as a reverse proxy so this is the only way requests are going to get through internally to Tableau. What i am being told is the  McAfee n/w gw will just forward the request to apache internally so once it receives the request, it will do the necessary processing to generate tickets for Trusted Authentication.


      My questions are :

      1) will this setup work for Tableau for Trusted Authentication? And i believe we can have only one authentication mechanism either Windows AD auto login (SSO setup for internal users) or trusted based authentication, correct?

      2) i have a sample php code for trusted authentication but where should this code go within apache - on the landing page? i am new to web programming and kind of confused in this regard.

      3) Tableau needs to trust a server side resource in this case i will be using a combination of apache and php - i will improve on the sample code for trusted authentication but how do configure tableau to trust the server side resource?

      tabadmin set wgserver.trusted_hosts - should this command alone do the trick? or do i need to specify anything in reference to the PHP file?


      4) A URL needs to be generated from within Salesforce in order to talk to Tableau - so i am assuming it needs to be generated in a similar fashion listed below? similar to and embedded iframe

      <apex:page >

          <apex:pageBlock >

            <apex:outputText style="font-style:bold; font-size: 12pt" value="Tableau Dashboards for  {0} with AD User ID {1}.">

              <apex:param value="{!$User.Username}"/>

      <apex:param value="{!$User.ADUser__c}"/>



          <apex:pageBlock >

      <apex:form >

      <apex:pageBlockSection columns="3">

      <apex:outputLink value="https://<servername>/trusted/views/<viewname>/<trusted ticket>

      POC Dashboard

      <apex:param name="username" value="{!$User.ADUser__c}"/>



          </apex:pageBlock> <br/><br/><br/><br/>


      It would be really great if any help can be provided in this regard - Thanks in advance!