1 of 1 people found this helpful
Well we finallly managed to get everything working!
The actual problem was the translation of cookie paths. This is more or less standard for all other applications, but Tableau doesn't need that, so by removing the cookie proxy it just worked.
The configuration is as follows (using http://onlinehelp.tableau.com/current/server/en-us/help.htm#proxy.htm#Configur as the example).
Our setup is as follows:
- We have a proxy in the DMZ which forwards requests from web clients to the Tableau Primary Gateway
- The incoming connection is HTTPS, the internal proxy <--> Tableau connection is HTTP
- The proxy is using Apache as the proxy server
The documentation states that the proxy server should fill the following headers to give Tableau the required information to work behind a reverse proxy:
- The added information which I needed to make it work is the publci IP address of the proxy, and NOT the local IP address!
- So for this example:
- Proxy_Public_Name = "tableau.example.com"
- Proxy_Public_IP = 100.100.100.100
- Proxy_Local_Name = "proxy", "proxy.local"
- Proxy_Local_IP = 10.10.10.10
- Tableau_Local_Name = "tableaugw"
- Tableau_Local_IP = 22.214.171.124
On top of that, one should configure Tableau's server configuration, tabsvc.yml:
- gateway.public.host: 100.100.100.100 (Proxy_Public_IP)
- gateway.public.port: 443 (as we are using HTTPS)
- gateway.trusted: 10.10.10.10
- gateway.trusted_hosts: "proxy, proxy.local"
And the configuration of the Apache 2.4 server to complete the configuration:
# General settings for the proxy
Allow from all
# The actual proxy settings:
ProxyPass / http://tableaugw/
ProxyPassReverse / http://tableaugw/
# Proxy is not allowed to cache contents
# Set the requestheader to HTTPS
RequestHeader set X-Forwarded-Proto "https"
# That's it. Do not set the ProxyPassReverseCookiePath or the ProxyPassReverseCookieDomain!
# Tableau uses the root, "/" as the cookiepath! and doen't care about the domain!
Hope that it can help others.