FOR BI PROS Tableau
Tableau 9.0, Vizportal, and forcing password security – Databoss Version
August 6, 2015
0
, , , , , , ,

Force password policyI’m huge fan of Bryant Howell and his work. His python REST API library is just simply cool. If you’re a python fan that should be your first stop to understand and use the Tableau REST API. But when he wrote about how to force password security in vizportal my first thought was “why don’t we just add the password strength check directly to the VizPortal UI?” And really, why not? We just need to inject a relatively small piece of JS code into Tableau VizPortal which checks if the user supplied password is strong enough: has numbers, mixed case characters and at least eight characters long. Sounds easy, right?

The Goal

We’d like to enforce the password policy for regular users without modifying too many things on the Server. If the password is not strong enough then the “Submit button” will be disabled in the same way when the two passwords don’t match. Also we need to indicate what’s wrong with the password like “Hey Jim, where are your capital letters?!”.

Okay, enough from the words, here is my version. Click on the picture to be part of the miracle in HD:

Users cannot have weak passwords

Users cannot have weak passwords

Lovely? Do you need it? Okay, you’re just two lines away from getting it.

TL;DR – Just give me the code and the instructions

  1. Download my pre-packaged javascript code
  2. Append its contents to %ProgramFiles%\Tableau\Tableau Server\9.1\vizportalclient\public\vizportal.min.js
  3. Test & Enjoy

How does it work?

Here is the complete source code which tells more than thousand words:

As you can see from line 6 to 12 we just defined our rules as simply conditions (like length check or regexp) in an array which is shows or hides the change password button according its evaluated true/false value. You can extend or change these rules as you want.

For the messages I made a jade template where the password-error-messages  list names equal to POLICIES keys. This allows to dynamically show error messages based on the condition evals.

This is pretty straightforward, too. We will inject a list into the vizportal’s password form table and show/hide the error messages after any keypress.

If you expected javascript and HTML, well, then good morning, nobody writes JS or HTML code directly anymore.

The complete code is available in this github repo: https://github.com/tfoldi/tableau-server-password-validator

300k for this single JS? WTF?

Ahh. The dependencies. This is the reasons why you have to import the full, 300k version. Tableau Server’s vizportal does not add jQuery to each and every page but my script requires it. So, I’m not proud, but I just included a minimal jquery in my code (but only in an isolated namespace) to ensure it will not cause issues on other pages. Plus I need Jade and underscore. That’s why my code is 50 lines but the dist code is 300k.

Tamás Földi

Tamás Földi

Director of IT Development at Starschema
Decades of experience with data processing and state of the art programming. From nuclear bomb explosion simulation to distributed file systems. ethical hacking, real time stream processing practically I always had a great fun with those geeky ones and zeros.
Tamás Földi

Related items

/ You may check this items as well

Pasted image at 2018_01_09 04_59 PM

Python Experiments in Tableau 1. – Add live currency conversion to Tableau Dashboards using TabPy

I’m huge fan of Bryant Howell and his work....

Read more
Tableau Docker

HOWTO: Tableau Server Linux in Docker Container

I’m huge fan of Bryant Howell and his work....

Read more
Tableau Consistency Checker

Tableau Filestore Consistency Checker – How Repository Maps to Filestore

I’m huge fan of Bryant Howell and his work....

Read more