tags:

views:

1200

answers:

2
+3  Q: 

SSRS 2005 - Configuring User Authentication/Authorization

I have created an ASP.NET 2.0 web application and would like to use SSRS 2005 for reporting purposes.

The web application uses forms authentication and custom roles for authorization. I have created reports and deployed it to a our SQL Server 2005 box.

I have two options to integrate the reports into my application:

1) Link to SSRS from within my application. The link would have the parameters and options specified. I make sure that the link only shows for authorized users and it links to correct report with appropriate parameters.

2) Use ReportViewer control and display reports using that. All processing will be done by SSRS

However, I am not sure of the best way to configure security in the IIS on the Reporting Services box. Currently it is set to Windows Integrated Authentication. Also the reporting service has my username with Browser role.

Not all users of my application will have AD login. Also the application is on internet and I don't want to open up SSRS more than necessary. At the same time, I want it to be seamless for our users in that I don't want SSRS to prompt for username and password.

What is the best way to accomplish this? Should I create a dummy AD user and then use it to communicate between ASP.NET app and SSRS? Or if not that, what is the easiest way that achieves everything I need?

+2  A: 

We communicate with the SSRS using the web service interface and with the Report Viewer control using the same AD account for all users. As for permissions we have custom access list that the asp.net page checks before serving the report to the user. This is attached to the username. We have kept the SSRS box off the internet and only way for the user to access is thorugh the application so access list control is enough.

For Report View Control we had to create a custom credential class for passing the AD username and password that inherited from IReportServerCredentials. AD username and password is kept in a xml file.

Hope this helps.

Fahad  2009-02-11 22:13:25
Fahad,This AD account is a non-existent user just used for SSRS?
cwius  2009-02-12 13:56:02
Yes. Just only give enough permission to access SSRS. This user needs to have DataReader access to the database also.
Fahad  2009-02-12 16:53:07
I created a local user in SSRS box and gave it browser permission to SSRS and datareader permission in SQL database. However my reportviewer is not displaying any data..what am I missing?
cwius  2009-02-13 17:12:01
+1  A: 

+1 Fahad

As well as using the IReportServerCredentials interface, one can use an instance of ReportServerConnection and assign it to the report viewer control. We store the username, password and domain (if needed) in the web.config file.

ReportServerConnection credentials = new ReportServerConnection('username', 'password');
ReportViewer1.ServerReport.ReportServerCredentials = credentials;
Tom  2009-02-12 02:13:50
Tom, this user is an AD user, right?
cwius  2009-02-12 13:55:10
That's correct. The ReportServerConnection constructor is overloaded to also take a domain.
Tom  2009-02-12 23:15:54

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps