Gotcha!
Sorry, I had to use Google to fool you into reading this, because it’s important. You do NOT want to want to make Trusted Authentication requests for trusted tickets via JavaScript. I’m trying to keep you from making a very big mistake.
Reason #1 not to do this.
Tableau Server must be configured to trust the IP address of the resource requesting a ticket. In a JavaScript scenario, that resource is your user sitting in his or her browser on an IP address. Do you really want to configure Tableau to trust hundreds, maybe thousands of IP addresses?
Reason #2 (the one that will get you fired)
If Tableau is configured to trust an IP address, then we trust it. Someone sitting on that IP can make a request for a ticket for ANY user on Server, not just for themselves.
Summary:
You should only configure Tableau Server to trust a server-side resource (like a web service, php or asp.net page) that you are in complete control of. If you want to call that (secured resource) with JavaScript, fine.
This is acceptable:
- Your JavaScript code connects to a Web Service and authenticates against that web service
- The web service has “smarts” and understands who it should request a ticket for – it does so on the user’s behalf.
- Tableau is configured to trust the box that the web service is running on, so it responds correctly when the web service asks for a ticket on a user’s behalf
- The web service passes the ticket back the browser
- You use JavaScript to render a report with the ticket you got back from the web service
This is not acceptable:
- You configure Tableau Server to trust the IP addresses of your customers machines, or of servers not under your control
That’s why you’re not finding any sample JavaScript code to request trusted tickets from Tableau. Because you shouldn’t. It’s bad. It’s evil. People will take your jelly beans.