Tableau Tickets - POST to get ticket returning login form, not ticket ID

Question

I see there aren't many Tableau experts floating around StackOverflow, but perhaps someone out there has had this problem before, and knows the solution. I'm a total noob at Tableau, so please forgive me if this question is inane. Thanks in advance!

The System

The way we have Tableau set up is on an server separate from the webserver. The application is written in PHP, using CakePHP 2.2.0 stable.

10.0.0.10 - webserver
10.0.0.11 - tableau

In order to have a client view a report generated by Tableau, we are using the trusted authentication ticketing system, where the client is issued a URL with a specific ticket. The client then uses this ticket to ask the tableau server directly for the report.

An example:

1. Client GETS http://example.com/reports/view/3 - which is 10.0.0.10 internally.
2. Server POSTS to 10.0.0.11, and asks for a ticket for the client to view report 3
3. Tableau Server responds to the post with a number, e.g. 987654321.
4. Server responds to the client's GET with the page, including the ticket.
5. Client GETS http://tableau.example.com/trusted/987654321/view3
6. Tableau server verifies the client IP against the ticket, and responds with the HTML for the report.

The Issue

The problem is this: When the code asks for the tableau ticket number (steps 2 & 3 above), the Tableau server responds with an authentication page, not a ticket ID. If I comment out the "target_site" parameter in the $postdata array, tableau does not respond with a login page and instead simply says "-1".

The PHP code to generate the trusted URL:

<?php
public function get_trusted_url($view = 'book2sheet1') {
    $email = $this->Auth->user();
    $email = $email['Email']; //This email is registered as a Tableau user!

    $postdata = http_build_query(
        array(
            'username' => $email,
            'target_site' => 'oursite', //If I comment this line out, Tableau no longer returns an auth page and instead simply returns "-1"
            'client_ip' => $_SERVER['REMOTE_ADDR']
        )
    );

    $opts = array('http' =>
        array(
            'method'  => 'POST',
            'header'  => 'Content-type: application/x-www-form-urlencoded',
            'content' => $postdata
        )
    );

    $context = stream_context_create($opts);

    $ticket = file_get_contents('http://10.0.0.11/trusted/', false, $context);
    if($ticket > 0) {
        return 'http://tableau.example.com/t/rg/trusted/' . $ticket . '/' .$view . '?:embed=yes&:comments=no&:toolbar=yes';
    } else {
        echo 'failure'; //debug
        print_r($ticket); //debug - this prints out the auth page
        return false;
    }
}

Any help would be greatly appreciated! As I mentioned, I'm a total noob at Tableau :)

Image of the returned login html, dumped to the page using print_r('ticket')

Thank you!

Answer 1

The first thing I would do is make sure that Trusted Ticketing is working in a vacuum. This link http://ttrequest.notlong.com   will land you in a folder which contains a simple HTML/JavaScript page you can use to make sure everything is configured correctly. Then, look more closely at your code.

Providing a value for target_site (even a zero length string) is necessary as it tells us which Tableau site you're requesting a ticket for. Blank/zero length string = "Default site", essentially.

I know very little PHP, but Tableau provides some sample code which I've used in the past. It doesn't use file_get_contents() to do the POST, but instead leans on http_parse_message()...and it works for me:

 Function get_trusted_ticket_direct($server, $user, $targetsite) {

  $remote_addr = $_SERVER['REMOTE+ADDR'];  
  $params = array(
    'username' => $user,
    'client_ip' => $remote_addr,
    'target_site' => $targetsite
      );

    $ticket= http_parse_message(http_post_fields("http://$server/trusted", $params))->body;

  if ($ticket > 0) {
     return $ticket;
  }
  else
    return 0;
} 

I honestly don't know if file_get_contents() is seen as a 'better' approach than http_parse_message() in the PHP community (maybe someone can comment on this), but the sample code is solid except for the fact that it still doesn't include a reference to the target_site parameter (as it was written way before Tableau had multi-tenancy).

The sample code can be found in C:\Program Files (x86)\Tableau\Tableau Server\7.0\extras\embedding\php

Good luck!

Answer 2

You must use the site ID and not the 'name'. Also be careful that the site name and ID are not the same string, as that resulted in the html page being returned; ensure that your site name and ID are different!