Custom Security Extension - Authorization Questions Using Forms Authentication

Nov 9, 2007

Greetings. I have developed our own custom security extension, implemented forms based authentication, and can authenticate from report manager, report server and sql studio. So far so good.

However, when it comes to Authorization, i'm unclear in a few areas and would appreciate if someone could help me out with the following questions. It should be noted that in the code I have granted an administrator user full access to all operations and permissions, and then tested against both an administrator user and a normal user.


IAuthorizationExtension.GetPermissions summary says

"Returns the set of permissions granted a specific user for an item in the report server database."

Inparticular, the secDesc parameter is supposed to contain the security descriptor associated with the item.

However, with our extension this parameter is always null, even if I have already granted access for a user, which is confirmed through logging in CreateSecurityDescriptor.

Through the report manager or sql studio I can see that the permissions have been created, so I can't understand why I never see them in the GetPermissions method? This then (seems to) flow through to the various CheckAccess methods, where the users are authenticated, but are not authorized to perform any operations. i.e. in report manager a user has no folders or reports available.


Is RS authorization designed around the concept that the details will always be stored in it's own database?

Ideally, we'd like to have the various roles, users and function authorizations defined in our own security framework. This is working great for the authentication aspect of the extension, but unless there is a mechanism which exposes the details of the particular authorization process (e.g. the name of the folder being viewed or report being run), then I can't see a way we can implement it. Unless i'm missing something fundamental of course!


Using Report Builder as the Administrator user (or any other user), I can see no data models available, even though I have created them via Report Manager, and I get the following exception trying to open up the list of reports:

System.Web.Services.Protocols.SoapException: The permissions granted to user '' are insufficient for performing this operation. ---> Microsoft.ReportingServices.Diagnostics.Utilities.AccessDeniedException: The permissions granted to user '' are insufficient for performing this operation. at Microsoft.ReportingServices.Library.ListChildrenAction.PerformActionNow() at Microsoft.ReportingServices.Library.RSSoapAction.Execute() at Microsoft.ReportingServices.WebServer.ReportingService2005.ListChildren(String Item, Boolean Recursive, CatalogItem[]& CatalogItems)

I have implemented a report server proxy (inherited from ReportService2005) as per the example, to pass through the authorization cookie. Any clues as to what could be wrong?

Finally, I suspect part of my problem may be in assignment of users to System Roles ("System Administrator" and "System User"), I'm not sure if these are meant only for Windows Authentication? I can see no way of assigning these roles to any of my users using Forms Authentication.

Thanks for any help or advice you can give!

View 25 Replies


ADVERTISEMENT

Can You Set Up Forms Authentication Without A Security Extension?

Mar 13, 2007

On my current project we have a requirement to re-authenticate the user when accessing sensitive information.

We want re-authenticate using standard NT logins against Active Directory (not a custom database or SSO.

This is trivial to configure using Basic Authentication, however I would like to use an ASP.NET login form. I would like to avoid writing a security extension as I do not want to perform custom authentication. I would like the web service to use it's built in authentication and authorisation mechanisms.

Is the above possible???

The following gives some more details about wht I've tried.

I have tried configuring the report server/manager with Forms authentication as in the sample but cannot get it to work with out implementing the security extensions.

I changed the web.config files and the policy files for permissioning my dll with FullTrust. I did not configure an extension as I want reporting services to use it's built in windows security mechanisms.

In the login page code behind I call the ReportingService2005.LogonUser() method which always throws the following exception:
Client found response content type of 'text/html; charset=utf-8', but expected 'text/xml'. The request failed with the error message: --




Reporting Services Error




The report server has encountered a configuration error. See the report server log files for more information. (rsServerConfigurationError) Get Online Help



SQL Server Reporting Services --.



I check the log file and it has the following:


at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at ASP.logon_aspx.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
aspnet_wp!library!18!03/13/2007-11:38:23:: e ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException: An internal error occurred on the report server. See the error log for more details., ;
Info: Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException: An internal error occurred on the report server. See the error log for more details. ---> System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.FormatException: Input string was not in a correct format.
at System.Text.StringBuilder.FormatError()
at System.Text.StringBuilder.AppendFormat(IFormatProvider provider, String format, Object[] args)
at System.String.Format(IFormatProvider provider, String format, Object[] args)
at Microsoft.Samples.ReportingServices.CustomSecurity.Logon.ServerBtnLogon_Click(Object sender, EventArgs e) in C:Program FilesMicrosoft SQL Server90SamplesReporting ServicesExtension SamplesFormsAuthentication SamplecsFormsAuthenticationLogon.aspx.cs:line 130
at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
at System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
--- End of inner exception stack trace ---
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at ASP.logon_aspx.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
--- End of inner exception stack trace ---
aspnet_wp!library!18!03/13/2007-11:38:24:: i INFO: Exception dumped to: c:Program FilesMicrosoft SQL ServerMSSQL.3Reporting ServicesLogFiles flags= ReferencedMemory, AllThreads, SendToWatson
aspnet_wp!library!1!03/13/2007-11:39:11:: e ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: The report server has encountered a configuration error. See the report server log files for more information., Could not load Authentication extension;
Info: Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: The report server has encountered a configuration error. See the report server log files for more information.



Am I missing something? Is this even possible? If not, then why isn't it possible?

It feels like I've been going round in circles on something that shouold be pretty trivial to configure.

Thanks in advance.

Adam.

View 9 Replies View Related

Visual Studio Report Deployment With Custom Forms Authentication Extension

Oct 9, 2007



Hey, I was just wondering if someone could point me in the right direction on an issue. I've got the authentication portion of a custom security extension working properly (while authorization is just sort of giving everyone a pass) and all of my Googling efforts seem to be bearing little fruit. Now that authentication is in place, whenever I try to deploy a report from Visual Studio, it comes up with an error.

The error is that it is getting the authentication html login page set in web.config (as I expected), while it was looking for an xml page. I'm a bit new to this side of things so I'm not really even sure where I should be looking to see what kind of xml page it wants and such.

I don't need anyone to bother explaining the entire thing to me as I should be able to figure it out once I can get a start, but as I said I just need a kick in the right direction because my Google-fu has failed

View 2 Replies View Related

Forms Security Extension Sample

Mar 9, 2006

Hi,

I have installed the SSRS 2005 Forms based login security extension as per the sample and instructions that come with the product install. I have double checked my work and debugged up to the point explained here.

My user is in the database and I can get to the login page. I have traced the code and can see the user being authenticated properly by server.LogonUser, the authentication cookie being created and placed in the response object, and then the redirect url being set to the reports/pages/folder.aspx. I have employed tcptrace and can see the sqlAuthCookie set in subsequent posts.

Unfortunately the redirect to folder.aspx never happens. I keep returning to UILogon.aspx. I think their is something either wrong with the auth cookie or the web.config in the ReportServer IIS virtual directory. The relevant xml from the web.config is attached below.

I would appreciate any thoughts. I am running on W2K3 SP1. Thanks.

Mitch

<identity impersonate="false" />

<!--<authentication mode="Windows" />-->

<authentication mode="Forms">

<forms loginUrl="logon.aspx" name="sqlAuthCookie" timeout="60" path="/"></forms>

</authentication>

<authorization>

<deny users="?" />

</authorization>

View 3 Replies View Related

Problem With Forms Security Extension Sample - RS 2005

Feb 21, 2007

I am attempting to deploy the sample Security Extensions. When I navigate to <machinename>/reports in IE, it works fine and I am able to register the administrator. The user exists in the table correctly, but I am unable to login as the user. It keeps going back to the same uilogon.aspx redirect page.

It appears to be a similar error as http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=289636&SiteID=17

However, I am using the machine name the entire name, never referring to it as localhost. Any ideas? Thanks!

View 1 Replies View Related

Issue In Custom Security Extension

Aug 22, 2006

Hi,

The custom security extension generates the following error, when try to access Report Manager. The specifications are as follows.
1. Its 64-bit SQL Server (Reporting Services) and installed as default instance.
2. The Report Server is accessible programmatically. I can publish, view reports without problems, but Report Manager gives an error.
3. Another instance (named instance) of Reporting Services with the same custom security extension on same server is working fine. Report Manager opens up without problems.
4. Both the instances working fine since 3 installation and configuration (3 months back). Now, only the Report Manager of the default instance is not openeing up.

ReportServerWebApp__08_22_2006_08_52_20.log
-------------------------------------------------------------------------
w3wp!ui!1!8/22/2006-08:52:56:: i INFO: Overwriting existing cookie
w3wp!ui!1!8/22/2006-08:52:57:: e ERROR: The report server is not responding. Verify that the report server is running and can be accessed from this computer.
w3wp!ui!1!8/22/2006-08:52:57:: e ERROR: HTTP status code --> 500
-------Details--------
Microsoft.ReportingServices.UI.Global+RSWebServiceWrapper+CantCommunicateWithReportServerException: The report server is not responding. Verify that the report server is running and can be accessed from this computer.

at Microsoft.ReportingServices.UI.Global.RSWebServiceWrapper.GetSecureMethods()

at Microsoft.SqlServer.ReportingServices2005.RSConnection.IsSecureMethod(String methodname)

at Microsoft.SqlServer.ReportingServices2005.RSConnection.ValidateConnection()

at Microsoft.ReportingServices.UI.Global.SecureAllAPI()

at Microsoft.ReportingServices.UI.ReportingPage.EnsureHttpsLevel(HttpsLevel level)

at Microsoft.ReportingServices.UI.ReportingPage.ReportingPage_Init(Object sender, EventArgs args)

at System.EventHandler.Invoke(Object sender, EventArgs e)

at System.Web.UI.Control.OnInit(EventArgs e)

at System.Web.UI.Page.OnInit(EventArgs e)

at System.Web.UI.Control.InitRecursive(Control namingContainer)

at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
w3wp!ui!1!8/22/2006-08:52:57:: i INFO: Overwriting existing cookie
w3wp!ui!1!8/22/2006-08:52:58:: e ERROR: Exception in ShowErrorPage: System.Threading.ThreadAbortException: Thread was being aborted.
at System.Threading.Thread.AbortInternal()
at System.Threading.Thread.Abort(Object stateInfo)
at System.Web.HttpResponse.End()
at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg) at at System.Threading.Thread.AbortInternal()
at System.Threading.Thread.Abort(Object stateInfo)
at System.Web.HttpResponse.End()
at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg)


The service is running fine. Any suggestions/pointers would be greatly appreciated.

THanks in advance

View 4 Replies View Related

Deploy Custom Security Extension Sample

Dec 28, 2007

I follow the instructions here to deploy the sample security extension: http://www.codeplex.com/MSFTRSProdSamples/Wiki/View.aspx?title=SS2005!Security%20Extension%20Sample&referringTitle=Home

After I have configure the config files and created the "UserAccounts" database I restart the IIS and tried to connect to Report Manager at http://localhost/Reports

This is the error i got: The report server is not responding. Verify that the report server is running and can be accessed from this computer.

I went to Services and saw my Reporting Services is stopped. Tried to start Reporting Services and it timed out.

View 3 Replies View Related

Custom Security Extension: How To Give Access To Everyone

May 29, 2007

Hi All,



My application is currently integration with reporting services using custom security extension. I have my own USER and ROLE database to determine who/which role can access certain reports.

My question is how to give access a report to be viewable by everyone? I dont want to assign all users or all roles to achieve this.

The other thing that I found out is, let say I change the name one of the user/role. Because of this, the authorization will fail because the old name/role is not in the DB anymore. Is this expected? or is there a workaround it?



Your help is appreciated.



Thanks!

View 2 Replies View Related

Basic Authentication Vs Security Extension For Internet/Xtranet RS Access

Dec 19, 2007

does anybody know why MS doesnt consider Basic Authentication a viable solution for Inter/Xtra net access to RS? I'm re reading the documentation at http://msdn2.microsoft.com/en-us/library/bb283249.aspx but so far am not getting what the Security Extension options accomplish that can't be accomplished with much less effort using some form of Basic Authentication.

View 25 Replies View Related

Deploying With Custom Forms Security Enabled

Jul 31, 2006

I have recently enabled a custom Forms Security on my Windows 2003 Server w/ SQL Server 2005 Reporting Services. All the functionality I would expect is working properly, except for the ability to deploy to the reports server from inside my Visual Studio 2005 Reports Project.

The 'Reporting Services Login' window opens, prompting me for a username and password. Regardless of what is supplied, the window keeps reappearing, and I am unable to deploy. I am able to upload the files from within the Report Manager, but that is time consuming and inelegant.

Any help would be greatly appreciated!

View 6 Replies View Related

Implement CheckAccess In Custom Security Extension With Non-builtin Roles

Jan 21, 2008

Roles Table:

RoleID, RoleName
<RoleID1>, Allow_ClientFolder
<RoleID2>, Allow_ClientReportA
<RoleID3>, Allow_ClientReportB
<RoleID4>, Allow_CompanyFolder
<RoleID5>, Allow_CompanyReportA
<RoleID6>, Allow_CompanyReportB

UsersInRoles Table:

UserID, RoleID
<UserID1>, <RoleID1>
<UserID1>, <RoleID2>
<UserID2>, <RoleID4>
<UserID2>, <RoleID5>
<UserID2>, <RoleID6>
<UserID2>, <RoleID1>
<UserID2>, <RoleID3>

e.g.
when the <UserID1> clicks on the "home" link show only "Client" folder and when <UserID1> clicks on the "Client" folder only "ClientReportA" will show.

Here is the accessable map for each user:

<UserID1>
Client

ClientReportA

<UserID2>
Client

ClientReportB
Company

CompanyReportA
CompanyReportB


Question:
What is the best way to implement CheckAccess? At first I thought I can access the item names and I can test authorization through that, but AceCollection contains operation permission of the accessing object.

View 4 Replies View Related

Reporting Service 2005, Custom Security Extension Failed.

Mar 10, 2006

Hi,

I am trying the get the custom security extension samples to work on my machine. I have installed everything according the sameple help file. However, i am getting a "Authentication Ticket is not issued by LogonUser." error after I attempted to log on to the report manager thru UILogon.aspx page. I already created an admin user. Upon a closer inspection, I realized that the authentication went thru okay, however, the authentication Ticket Name contained in the "RSAuthenticationHeader" has a duplicate value of "sqlauthticket, sqlauthticket". So apparently, the report server added this value twice to the response header. Has anyone seen this error before? How would you fix it? Also to bypass this error, I parsed out the header and take the correct auth ticket name, now report manager just redisplays the logon page and not letting me thru. Has anyone have seen that before? I am running in Win 2003 server, IIS 6, .NET 2.0 and SQL server 2005 enterprise version.

Thanks for the help,

Eric



View 1 Replies View Related

Custom Data Extension - Security Error On Report Server

Mar 21, 2007

I have written CDE to retrieve and process data before generating the report. It works very well inside VS.Net. However, when deployed to the report server I get the following error

An error has occurred during report processing. Cannot create a connection to data source 'CallsTaken'. Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

I have added appropriate CAS entry in rssrvpolicy.config file as following




<CodeGroup

class="UnionCodeGroup"

version="1"

Name="CustomDataExtensionCodeGroup"

Description="Code group for the Custom Data Extension"

PermissionSetName="FullTrust">

<IMembershipCondition

class="UrlMembershipCondition"

version="1"

Url="C:Program FilesMicrosoft SQL ServerMSSQL.2Reporting ServicesReportServerinCSS.CustomDataExtension.dll"/>

</CodeGroup>

I have added appropriate entry into rsreportserver.config for data extension as

<Extension Name="Dataset Extension" Type="CSS.RS.Extensibility.CustomDataExtension.DsConnectionWrapper, CSS.CustomDataExtension"/>

Even then I continue to get this error. Any help? Is there anything else I am missing? I am using VS .Net 2005, SRSS 2005 on W23 machine.

I have been stuck here for a while now. Help is appreciated.

Thanks

View 2 Replies View Related

More Custom Security Questions

Jun 25, 2007

Still working on custom security
Since I can't get a name of file (path) from within CheckAccess method it becomes somewhat useless. Is there a way to maybe overload GetPermissions or Policies methods? Or maybe CreateReport method so that I can include some custom code there? Is there an example of something like that?

I wish the catalog tree was transparent to Authentication extension, I don't see a point in acl for a custom extension, all I want is names and I can build on top of that. Something along the lines -




Code Snippet

public bool CheckAccess(...file...)
{
string[] permissions ;
permissions = server.GetPermissions(file);
...
Maybe I am missing something simple and I can tie everything to a security descriptor but I don't see how I can if there is no information such as name, date, modified by name and so on. All we get is principal name which is not very useful since I don't use built-in security names.

Thanks

View 2 Replies View Related

Custom Security Extension - Report Manager And Report Server On Different Machines

Sep 19, 2007

Hi,

I'm trying to deploy Reporting Services on an Internet-facing web server using a custom security extension (forms authentication). We will be putting Report Manager on the Web Server outside of the firewall, and Report Server on another machine inside the firewall. When testing the solution in a development environment with Report Manager and Report Server on the same box, the solution works fine.

When testing it using the Internet-facing environment described above, it almost works but there seems to be an issue with the authentication cookie that is generated. Here's what happens:

1. User enters credentials on UILogon.aspx and submits form.
2. In the code-behind, LogonUser() is called through a web service proxy and the authentication cookie is returned successfully. The code used here to set the cookie is the same code used in the Forms Authentication sample that ships with RS2005.
3. The user is redirected to Folder.aspx, and the request hangs for a while, and eventually kicks you back out to UILogon.aspx, as if it lost the authentication cookie. When doing a trace on the HTTP header, the cookie is still there.

Is there anything special I need to do to make the Report Server "see" the cookie when I have Report Manager and Report Server on different machines?

Any help would be much appreciated!

Mike

View 2 Replies View Related

AUTHORIZATION With WINDOWS AUTHENTICATION -- HELP!!

Jul 23, 2005

i want to implement authorization with windows authentication and don'thave the slightest clue of how to do this implementation. the basicwindows authentication for this .NET application is already setup. myproblem lies within my inability to manipulate the username captured inthe authentication process and my knowledge of how IIS is involved.specifically, i have the following questions:1) what object(s) can be used so that the user's username can bemanipulated for the authorization process?2) in order to apply roles, do the users need to be placed in groups inIIS? if so, how does this work?3) is all the code that the application uses for roles in web.config?or does global.asax play a role in this matter?4) does the web.config file know to communicate with IIS because theauthorization type is set to windows?5) once authorization is in place, can a section of an .aspx file bevisible to a group or can only entire files be secured for a group?as you can see, i'm trying to figure out the relationship betweenauthorization and windows authentication so any help would beappreciated.thanks,johne: Join Bytes!

View 1 Replies View Related

Custom Authorization In Reporting Services

Dec 4, 2006

For custom authorization, I am overwriting the CheckAccess method.

But how do I know what I am trying to access in CheckAccess method? I need to know what report the check access method is trying to execute for our requirements.

How do I get that?

View 1 Replies View Related

Custom Authorization In Reporting Services

Oct 3, 2007

I need to implement custom security in reporting services. I have followed the standard example here:

http://technet.microsoft.com/en-us/library/ms160724.aspx



I got authentication to work without too many problems, and it authenticates by querying my custom table. I want to also maintain my authorizations in the same manner. I want to be able to define in my own tables that user test1 has permission to view reports 1, 3, 5, and 8. User test2 can view reports 1,3,5,8, and 9. User test3 can view 1, 2, and 4. Etc.

The authorization extension, contained in my version of Authorization.cs is where I expected to be able to do this. I wanted to be able to write code that queries my own tables and says, "does this user have permission to view this item?" Getting the this user portion is easy as is obvious in the many checkAccess methods. But being able to tell what item I am currently dealing with has proved impossible from the context of Authorization.cs, which implements IAuthorizationExtension. Knowing what type of item I am dealing with is obvious, but I need to know something that uniquely identifies the exact item I am dealing with.

How can I determine in checkAccess or any of the other available methods what "thing" they are looking at? What can I examine to determine that for instance this particular authorization request is against "Report 1"? It seems that if I was allowed to completely override Authentication to use my tables, I should be able to override Authorization to do the same. Is this possible or am I missing something?


Can anyone help? Thanks.

View 2 Replies View Related

Code Access Security Across Multiple Assembly Security Extension

Oct 14, 2005

Hello there I have trying to figure out for days how to enable FullTrust for my Reporting Services security extension.

View 9 Replies View Related

Report Manager With Forms Authentication. Report Server With Windows Authentication.

Feb 1, 2008

Hi.

I wonder if it is possible to set forms authentication for report manager but leave report server "as it is". I need to authenticate users from external LDAP and can't use windows authentication for report manager, but I would also like to leave report server open for anonymous users. In that way authenticated administrators could create reports which anonymous users could read.

I tested the Security Extension Sample and got it working when I rewrote the authentication part with my own LDAP authentication.

If I have understood correctly, the report manager is just application inside report server so is it possible to use forms authentication with one application but still leave the report server with Windows authentication?

View 1 Replies View Related

Forms Authentication...Can It Really Be Done?

May 22, 2007

I could really use help getting form authentication to work. I have a box with a web site and ReportingServices installed(which if I can get this working will be moved to the DMZ). The databases are on a different machine(which will on on our network).



I have been working with the sample provided with the install and this blog.

http://blogs.msdn.com/bimusings/archive/2005/12/05/500195.aspx



My problem is that I can logon and authenticate but when I call ListChildren() my System.Net.CredentialCache.DefaultCredentials is empty so I get nothing back from the call.

I know that I have a valid cookie because after I logon I can use the Reports and the ReportServer URL's and go directly to those pages.



Can someone tell me what I need to do to make ListChildren() work? Do I still call ListChildren()? Documentation is scarce and would appreciate any help provided.



Thanks



-JW

View 1 Replies View Related

Forms Authentication

May 22, 2008



is it possible to make forms authentication to reports? how cam it be done?

regards
P M varughese

View 1 Replies View Related

Using Rs.exe With Forms Authentication

Jan 31, 2008

I've implemented a membership provider and added it to Reporting Services. It works well from the user interface, but I am unclear on how to authenticate using rs.exe. When I run it with the trace option (-t), I get this back:

System.Exception: Could not connect to server: http://stsstg8642/reportserver/ReportService2005.asmx ---> System.Net.WebException: The request failed with the error message:
--
<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/ReportServer/logon.aspx?ReturnUrl=%2freportserver%2fReportService2005.asmx">here</a>.</h2>
</body></html>

--.
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Microsoft.SqlServer.ReportingServices2005.ReportingService2005.ListSecureMethods()
at Microsoft.ReportingServices.ScriptHost.Management2005Endpoint.PingService(String url, String userName, String password, String domain, Int32 timeout)
at Microsoft.ReportingServices.ScriptHost.ScriptHost.DetermineServerUrlSecurity()
--- End of inner exception stack trace ---
at Microsoft.ReportingServices.ScriptHost.ScriptHost.DetermineServerUrlSecurity()
at Microsoft.ReportingServices.ScriptHost.ScriptHost.InstanceMain()
at Microsoft.ReportingServices.BaseCmdLine.CommandLineMain(String[] args, BaseCmdLine instance)

View 3 Replies View Related

ReportBuilder And Forms Authentication

Aug 6, 2007

We created a custom security extension for RS using Forms Authentication. The issue I am having is in ReportBuilder when the forms authentication ticket expires. Forms auth will attempt to redirect (send a HTTP 302) and the report builder will show the error message "Object moved to here" instead of prompt for credentials. I have been watching the IIS logs and I see the first time report builder start it attempt to connect using default windows credentials and after the FormsAuthenticationRequired exception it will prompt for credentials and invoke LogonUser method, but this only happens the first time or if change the server in the url. I was expecting ReportBuilder to consider the Forms Authentication expiration at any time.


Do you have any idea how to work around this?

Any help is really appreciated.


Thanks

View 6 Replies View Related

Forms Authentication, CheckAccess

Feb 6, 2007

I'm implementing Forms authentication, but I have users stored in two different databases. The "LogonUser" method in my AuthenticationExtension gets an "authority". In that way I can authenticate the user in the correct database.

But... the problem is the CheckAccess method of my AuthorizationExtension. Is it in any way possible to reach the "authority" information from inside it? I need to grant some access to users of the first database and some other access to the users of the second database.

View 1 Replies View Related

ReportViewer (ASP.NET) And Forms Authentication

May 2, 2007

I have successfully implemented forms authentication in RS. It works great to navigate to https://myserver/Reports. I get redirected to the login-page etc. It also works great to use the ReportViewer from within my WinForms app, using the

reportViewer.ServerReport.ReportServerCredentials.SetFormsCredentials

method. I'm also able to communicate with RS through it's web services by first calling the 'LogonUser' method. However, to get that to work I had to inherit the ReportExecutionService for the cookie-handling to work.



Now over to my problem (the only thing so far I haven't got working). I'm trying to use a ReportViewer on an ASP.net web page to access the reports. I have understood that 'SetFormsCredentials' is not avaliable here. Instead, as far as I have understood, I should implement my own IReportServerCredentials . The critical method there I guess is

GetFormsCredentials(out Cookie authCookie, out string formsUser, out string formsPassword, out string formsAuthority)

, am I right?



It's here my problem starts. The examples I have seen haven't implemented this method since they use other types of authentication. So, I would need an example of what to fill that method with...



Regards Andreas



View 4 Replies View Related

Using Forms Authentication In Scripts

Dec 20, 2005

We have customized the report server to use our forms authentication. Our authentication expects a cookie.

Now if I want to deploy reports using a script, how do i do it?. I tried specifying

rs.exe <filename> <username><password> but then it does not work as the cookie doesnt exits?

 

Any ideas how this could be done? We do not want to use the report manager to deploy reports as we want an automated process.

View 5 Replies View Related

Need Direction For RS Forms Authentication

Apr 11, 2007

I have some reports on a report server that needs to be reached in two ways.
1 - From a windows client application (over internet)
2 - From a web browser (over internet)
Windows authentication could not be used here, since the users are not part of any domain etc, so I have implemented forms authentication for Reporting Services as described here:
http://msdn2.microsoft.com/en-us/library/ms160724.aspx
My first task was to access the reports from the windows forms application, and I managed to do that without too much trouble using a ReportViewer and setting the custom credentials in this way:
myReportViewer.ServerReport.ReportServerCredentials.SetFormsCredentials(null, "loginname", "password", "");
Works great!
However, now I'm dealing with the second problem... accessing the reports from the web. Sure, this works fine if i just type http://myserver/reports/. This brings up the custom loginpage and if I enter correct login information I get access to the reports... The problem is that I don't want to show everything 'around' (on top of) the report, I just want to show a report. Lets say I have a webpage with two frames. One on the left with a couple of links each representing a singel report. When clicking the link the report should be rendered in the right frame.
What approach should I use here? When and where should the user authentication take place?
I have done some testing with an ASP.NET application using a report viewer, but I seem to get the error:
Client found response content type of 'text/html; charset=utf-8', but expected 'text/xml'
I guess this is because Reporting services wants to bring up the login page? I can't find any way of setting the credentials for the reportViewer in my ASP.NET app, like I did in the WinForms app. I'm really not a web-developer so I might be missing some obvious points here, if I do, please point me in the right direction...
I have also read about using the Report server web service to render the html-page without using the reportviewer, but when I try to make a call to a service like this:
ReportingService _rs = new ReportingService();
_rs.Url = "http://myServer/ReportServer/ReportService.asmx";
CatalogItem[] items = _rs.ListChildren("/", true);
I get an exception like the one above, telling:
Client found response content type of 'text/html; charset=utf-8', but expected 'text/xml'
Where should I go from here... any help would be much appriciated!
Regards Andreas

View 2 Replies View Related

Report Builder With Forms Authentication

Mar 5, 2007

Hi,

After implementing custom security extension for forms authentication, the report server works fine with Report Manager and web application. However, there is a problem with Report Builder.

It gives SecurityException "That assembly does not allow partially trusted callers.". Its becos I am using my own security assembly for authentication. I resolved this issue by using the following in my assemblyinfo.cs

[assembly: System.Security.Permissions.PermissionSet(System.Security.Permissions.SecurityAction.RequestMinimum, Name="FullTrust")]

However, now when I login to Report Builder it gives me error System.IO.FileNotFoundException. Its not able to find my security assembly.

I also tried giving FullTrust to the assembly using Framework 2.0 Configuration. I read somewhere that the ClickOnce application caches its last called settings in the manifest file and you have to delete the manifest and manually alter the security in the application settings(properties).

Is this true? Is there any solution to this issue? Is this really an issue with clickonce application?

This is really urgent. Any suggestions.

Thanks in advance.

View 1 Replies View Related

Windows And Forms Authentication Issues

Nov 15, 2006

I have a user who is trying to access the SQL 2005 server with 2 seperate accounts(using Windows Authentication).  With one account he can connect just fine, but with the seccond he recieves a logon fail error.  The only difference that we can tell is that the first account uses a password for our kerberos domain, and the second (that fails) uses a longer pass phrase (which does use spaces as characters).  My intuition tells me that shouldn't matter, but I've been wrong before.  Can anyone confirm this, or correct me if I'm wrong?  This is using ASP.NET 2005 for the front end.  The exact Exception details are: "System.Data.SqlClient.SqlException: Login failed for user 'domainuser "

 The stack trace is:

SqlException (0x80131904): Login failed for user 'domainuser'.]
   System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) +734867
   System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) +188
   System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) +1838
   System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK) +33
   System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance) +628
   System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance) +170
   System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection) +359
   System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnection owningConnection, DbConnectionPool pool, DbConnectionOptions options) +28
   System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject) +424
   System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject) +66
   System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject) +496
   System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection) +82
   System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory) +105
   System.Data.SqlClient.SqlConnection.Open() +111
   System.Data.Common.DbDataAdapter.FillInternal(DataSet dataset, DataTable[] datatables, Int32 startRecord, Int32 maxRecords, String srcTable, IDbCommand command, CommandBehavior behavior) +121
   System.Data.Common.DbDataAdapter.Fill(DataSet dataSet, Int32 startRecord, Int32 maxRecords, String srcTable, IDbCommand command, CommandBehavior behavior) +137
   System.Data.Common.DbDataAdapter.Fill(DataSet dataSet, String srcTable) +83
   System.Web.UI.WebControls.SqlDataSourceView.ExecuteSelect(DataSourceSelectArguments arguments) +1770
   System.Web.UI.DataSourceView.Select(DataSourceSelectArguments arguments, DataSourceViewSelectCallback callback) +17
   System.Web.UI.WebControls.DataBoundControl.PerformSelect() +149
   System.Web.UI.WebControls.BaseDataBoundControl.DataBind() +70
   System.Web.UI.WebControls.GridView.DataBind() +4
   System.Web.UI.WebControls.BaseDataBoundControl.EnsureDataBound() +82
   System.Web.UI.WebControls.CompositeDataBoundControl.CreateChildControls() +69
   System.Web.UI.Control.EnsureChildControls() +87
   System.Web.UI.Control.PreRenderRecursiveInternal() +41
   System.Web.UI.Control.PreRenderRecursiveInternal() +161
   System.Web.UI.Control.PreRenderRecursiveInternal() +161
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1360


The user just told me this occurs with Forms Authentication, as well.

View 14 Replies View Related

Custom Forms

Jun 27, 2006

I have created custom form without borders , i have written functions to minimize, maximize, exit and even for moving the window, now i need to write function to resize the window , is there any way resize the window...

View 1 Replies View Related

Custom Data Extension (CDE) For SQL Express

Oct 25, 2007

Hi all,

My query should be pretty simple to answer by the gurus. I have SQL Server Express Advance series installed at my system along with VS 2005. I tried the reporting services (remote mode) to display a report in the report viewer on my aspx page. The report simply uses an SQL query to get the result. Everything works fine and dandy!

However if i want to get data from my own data set, i used a webservice and ussed the XML data source option in the report to traverse through the XML. In the preview mode of the RDL everything works fine however when i deploy or rather run it using report viewer on my webpage, it gives an error that 'XML' has not been registered as an extension etc.

I looked in the rsserver config file, it IS configured. The only answer i have is that the EXPRESS version of SQL only supports the regular SQL data sources. I do not understand if that was the case, why does the preview mode work fine??

If i am correct then for the next release the ms developers should disable that or rather give a more meaning full error. I spent an entire day fideling around just to find out that it isnt supported with debates all over the place as to why in the world does it work in the preview mode?

Anyhoo, to get around that issue, i am wondering if the Custom Data Extension would work on the SQL Express or not? I am assuming it wouldnt. Please clearify this. Ideally all i want is to access my own data set in the report, no SQL queries or whatever, CDE seems the way forward but does SQL Express allow it?

Many thanks guyz.

Regards

Zeeshan
(btw, its only been two days since i started working with reporting services, so be gentle :-D )

View 1 Replies View Related

Error When Deploying Forms Authentication Sample

Feb 20, 2007

Hello

I'm trying to get the forms authentication sample working - I have followed the instructions given in the ReadMe that came with the samples. When I try to browse to localhost/reportserver (on the server), instead of seeing the logon page as expected, I get the following error message:



An internal error occurred on the report server. See the error log for more details. (rsInternalError) Get Online Help

Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

I built the sample in VS 2005, and am using v2 of .net. Reporting services is installed on a windows server 2003 machine.

This has been driving me crazy for a while now. Any help would be greatly appreciated!

Thanks in advance

Dominic

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved