Reason #1 not to do this.
Reason #2 (the one that will get you fired)
If Tableau is configured to trust an IP address, then we trust it. Someone sitting on that IP can make a request for a ticket for ANY user on Server, not just for themselves.
This is acceptable:
- The web service has “smarts” and understands who it should request a ticket for – it does so on the user’s behalf.
- Tableau is configured to trust the box that the web service is running on, so it responds correctly when the web service asks for a ticket on a user’s behalf
- The web service passes the ticket back the browser
This is not acceptable:
- You configure Tableau Server to trust the IP addresses of your customers machines, or of servers not under your control