I don't know how to get IP within Tableau, but why do you need to know location for row level security? We live in a very mobile society. Also, there is no way that pwd will be exposed.
I haven't done something like this but technically you could pull the IP of the user from the http_requests table in the Tableau Server repository.
Setting up row level security at oracle is a good option.When you are considering to go with Kerberos and SSO both at Tableau as well as Oracle level, You would not need to restrict based on IP, you can do it based on user as the kerberos principle name would be the common identified for both Tableau as well as oracle.
You can define a stored procedure that uses the lookup table and then returns the data that are authorized to. We have done a similar setup in SQL Server. Take a read at this Working with Stored Procedures and Functions | Tableau Software
Tableau also has Row level security on dataset. User Filters and Row Level Security | Tableau Software
Hope this helps