responsive iframe + Tableau trusted authentication

StackOverflow https://stackoverflow.com/questions/20197791

Question

I'm embedding Tableau views in a PHP web application. We had been using an enabled guest account with Tableau Server which basically allowed for anonymous authentication. Under this scheme, responsive embeds were straightforward, and working great, using a javascript solution such as fitvids.js/fluidvids.js.

Recently, we made the change to trusted authentication which passes a specific user to Tableau Server from the web app, generates a unique, one-time trusted ticket, and renders the view. With a standard, fixed embed, everything works as expected. However, when implementing fitvids.js or fluidvids.js, we get the dreaded Tableau error: Could not locate unexpired trusted ticket.

My best guesses are that the breakdown is either:

  1. PHP for ticket generation and url creation
  2. processing order of javascript (most likely)
  3. Tableau Server limitation

A css only solution will not work as the content inside the iframe is dynamic.

For reference, here is the php in question:

<?php
/**
 * Implementation of Tableau trusted auth for php
 *
 * http://onlinehelp.tableausoftware.com/v8.1/server/en-us/trusted_auth_webURL.htm
 */
function get_trusted_url($user, $server, $view_url, $site) {
  $params = ':embed=yes&:toolbar=yes:tabs=no';
  $ticket = get_trusted_ticket($server, $user, $_SERVER['REMOTE_ADDR'], $site);

  return "http://$server/trusted/$ticket/$view_url?$params";
}

// Note that this function requires the pecl_http extension.
// See: http://pecl.php.net/package/pecl_http

// the client_ip parameter isn't necessary to send in the POST unless you have
// wgserver.extended_trusted_ip_checking enabled (it's disabled by default)
function get_trusted_ticket($wgserver, $user, $remote_addr, $site) {
  $params = array(
    'username' => $user,
    'client_ip' => $remote_addr,
    'target_site' => $site
  );

  return http_parse_message(http_post_fields("http://$wgserver/trusted", $params))->body;
}
?>

And an example embed:

<iframe src="<?php echo get_trusted_url($user,$server,$view_url,$site);?>"></iframe>
Was it helpful?

Solution

Running a Fiddler trace, shows that the problem is with the javascript execution.

With a fixed proportion embed, there is a single request to the trusted ticket url:

 1. /content/demo-tableau-trusted
 2. /trusted/Sz1y2Beu6Wr2EZnIg37-7oPm/t/education/views/Attendance/AttendanceDashboard?:embed=yes&:toolbar=yes:tabs=no
 3. /t/education/views/Attendance/AttendanceDashboard?:embed=yes&:toolbar=yes:tabs=no

And then with a javascript solution (FluidVids in this case), there are two requests to the same trusted ticket url:

 1. /content/demo-tableau-trusted
 2. /trusted/eg93TnSj0SQuhoCdHJbh0t94/t/education/views/Attendance/AttendanceDashboard?:embed=yes&:toolbar=yes:tabs=no
 3. /trusted/eg93TnSj0SQuhoCdHJbh0t94/t/education/views/Attendance/AttendanceDashboard?:embed=yes&:toolbar=yes:tabs=no
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top