Can you be more specific about how SAML didn't work? You might get more suggestions for resolving the issue with a specific error message or snips from the logs.
Yes sure.. we followed all the steps as mentioned in tableau website. When
tried testing the result after completing all steps... I got a complete
white black page when tried entering my tableau sure url. No errors.. Just
On 06-Dec-2016 11:45 pm, "Nathan Panuco" <email@example.com>
Are you getting the blank page when trying to access the url on mobile device or on PC?
I have observed an issue when from Mobile devices, where the IdP needs to be Reconfigured to return NTLM challenges. If this is not feasible, it's possible to turn off SAML authentication for the Mobile app by setting wgserver.authentication.app_nosaml to true.
Apologies for delayed response. Getting a blank page while accessing from
pc and not from mobile..
Hi friends an suggestions please.. Please let me know if you require more
I cannot think of anything else. I would recommend opening a support ticket with our supoprt team so they can investigate to see what is happening.
Vijay Kumar I have an answer for you.
this is occurring because of a known issue with the format of the key being used, which is a Public Key File (PKCS#8).
Currently, Tableau Server cannot recognize the PKCS#8 format when SAML is being configured. To resolve the issue, a new key will need to be generated using the PKCS#1 format (RSA Public Key File). Once the new key is generated, a new Certificate Signing Request (CSR) must be created separately and used to create a new certificate. The new CSR and certificate must be generated, because the previous CSR and certificates will be using the old key.
Please note that generating the key and CSR with a single command will result in the same issue as the one currently being experience.
For more information on generating a key and creating a CSR, please review the following link:
+ Generate a Key and CSR
As mentioned in the link, I tried to enable SSL first using internal certificate authority.
- Now able to access the site perfectly in https:// mode BUT without enabling SAML
- Then tried enabling SAML
- Given the URL with https:// à Given SAML Entity ID à Linked .crt and .key files à Exported Metadata file and given to my AD administrator
- Exported this metadata file in ADFS à Added claim rules as SAM_Account_Name to Name ID and Username
- Received the FederationXML file from AD administrator à Linked this to SAML IDP à Clicked on OK and started the Tableau service.
- Now when I went to the Tableau URL I am getting the blank page without any kind of errors in browser. This is the issue what I have initially reported and raised a ticket with Tableau support.
- One step we are not able to do is – we are not keeping the FORMS BASED AUTHENTICATION as primary in our ADFS as mentioned below. Is this one of the reason for our issue?
- a. Finally Tableau Server requires forms based authentication to serve logins via a web browser, Tableau Desktop and the Tableau Mobile app. In web.config found in the C:inetpubadfsls directory modify the tag order under <localAuthenticationTypes> so that <add name=”Forms” page=”FormsSignIn.aspx” /> appears first in the list. You can customise the login form by editing FormsSignIn.aspx in the same directory. http://www.theinformationlab.co.uk/2014/02/04/authenticating-external-tableau-server-using-internal-ad/
Obed's message still applies in my opinion. Open the key file that you are using with SAML. At the top of it, does it have:
-----BEGIN RSA PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
The first one with RSA is PKCS#1 format. The second is PKCS#8 format. Currently Tableau Server's SAML configuration is handled by its own Vizportal and not by Apache. Vizportal only accepts PKCS#1 formatted key file. You can follow the commands outlined in the following article to generate the correct format:
Then use this with SAML and restart Tableau Server.