Tableau 9.0, Vizportal, and Forcing Password Security

Not recommended or supported by Tableau in any way. Make a copy of all your original files and be ready to have any changes overwritten with every maintenance release.

One of the most obvious changes in Tableau Server 9.0 is the slick new UI. Under the hood it is called vizportal (replacing the old wgserver, which still lives on to serve a few other purposes). All of the web content for vizportal is stored in

C:\Program Files\Tableau\Tableau Server\9.0\vizportalclient\public\

(or the equivalent if you installed to a non-default directory / 32-bit)

In this directory there are folders for each language supported by Tableau (these will be familiar if you’ve looked at the post on adding a new language). Inside each of those directories, you’ll find identically named files that serve the same purpose — they are the raw content that gets transformed into the visible vizportal pages. Any change you make in one, you’ll need to make in all of them.

Don’t touch any of this stuff unless you have a good reason, are curious, and take enough care that you can recover if you break anything.

Why would you want to in the first place? Imagine your organization has password policy requirements — currently Tableau Server does not have a direct way to require anything from the user, and a user can always change their own password from their own settings page. The REST API has a method to update a user’s password, so it is possible to build an alternate Tableau password change page that implements stricter requirements. But unless you restrict the user to only using the alternative page, they can always change it back to something ridiculously insecure like “password”. How do you stop a user from changing their own password? By taking out the “Change Password” link.

In the language specific directories, there is a file called siteUserSettingsSubplace.html. Inside, there is one line that you can comment out :


<tb:change-password user-id="serverUser.id" username="serverUser.username"></tb:change-password>

to


<!-- <tb:change-password user-id="serverUser.id" username="serverUser.username"></tb:change-password> -->

Save the file, reload the page and see the Change Password link disappear!

Advertisements

5 comments

    1. Tamas,
      I like your solution a lot — good to see some more examples of what can be done with the new VizPortal without being too intrusive. I’ll admit that the use case on enforcing password security was secondary to showing how to hide the UI itself.
      Bryant

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s