More Custom Security Questions
Jun 25, 2007
Still working on custom security
Since I can't get a name of file (path) from within CheckAccess method it becomes somewhat useless. Is there a way to maybe overload GetPermissions or Policies methods? Or maybe CreateReport method so that I can include some custom code there? Is there an example of something like that?
I wish the catalog tree was transparent to Authentication extension, I don't see a point in acl for a custom extension, all I want is names and I can build on top of that. Something along the lines -
Code Snippet
public bool CheckAccess(...file...)
{
string[] permissions ;
permissions = server.GetPermissions(file);
...
Maybe I am missing something simple and I can tie everything to a security descriptor but I don't see how I can if there is no information such as name, date, modified by name and so on. All we get is principal name which is not very useful since I don't use built-in security names.
Thanks
View 2 Replies
ADVERTISEMENT
Nov 9, 2007
Greetings. I have developed our own custom security extension, implemented forms based authentication, and can authenticate from report manager, report server and sql studio. So far so good.
However, when it comes to Authorization, i'm unclear in a few areas and would appreciate if someone could help me out with the following questions. It should be noted that in the code I have granted an administrator user full access to all operations and permissions, and then tested against both an administrator user and a normal user.
IAuthorizationExtension.GetPermissions summary says
"Returns the set of permissions granted a specific user for an item in the report server database."
Inparticular, the secDesc parameter is supposed to contain the security descriptor associated with the item.
However, with our extension this parameter is always null, even if I have already granted access for a user, which is confirmed through logging in CreateSecurityDescriptor.
Through the report manager or sql studio I can see that the permissions have been created, so I can't understand why I never see them in the GetPermissions method? This then (seems to) flow through to the various CheckAccess methods, where the users are authenticated, but are not authorized to perform any operations. i.e. in report manager a user has no folders or reports available.
Is RS authorization designed around the concept that the details will always be stored in it's own database?
Ideally, we'd like to have the various roles, users and function authorizations defined in our own security framework. This is working great for the authentication aspect of the extension, but unless there is a mechanism which exposes the details of the particular authorization process (e.g. the name of the folder being viewed or report being run), then I can't see a way we can implement it. Unless i'm missing something fundamental of course!
Using Report Builder as the Administrator user (or any other user), I can see no data models available, even though I have created them via Report Manager, and I get the following exception trying to open up the list of reports:
System.Web.Services.Protocols.SoapException: The permissions granted to user '' are insufficient for performing this operation. ---> Microsoft.ReportingServices.Diagnostics.Utilities.AccessDeniedException: The permissions granted to user '' are insufficient for performing this operation. at Microsoft.ReportingServices.Library.ListChildrenAction.PerformActionNow() at Microsoft.ReportingServices.Library.RSSoapAction.Execute() at Microsoft.ReportingServices.WebServer.ReportingService2005.ListChildren(String Item, Boolean Recursive, CatalogItem[]& CatalogItems)
I have implemented a report server proxy (inherited from ReportService2005) as per the example, to pass through the authorization cookie. Any clues as to what could be wrong?
Finally, I suspect part of my problem may be in assignment of users to System Roles ("System Administrator" and "System User"), I'm not sure if these are meant only for Windows Authentication? I can see no way of assigning these roles to any of my users using Forms Authentication.
Thanks for any help or advice you can give!
View 25 Replies
View Related
Feb 18, 2008
I'm trying to create a custom connection manager and I have ConnectionType in the DtsConnection attribute set to "MSMDM". When I tried to create one in a package I got:
The connection type "MSMDM" specified for connection manager "{A8543B4B-41D9-4E69-9580-3D1A491AD719}" is not recognized as a valid connection manager type. This error is returned when an attempt is made to create a connection manager for an unknown connection type. Check the spelling in the connection type name.
(TestHarness1)
So, a few questions:
What are the valid connection manager types?
Why can I not create a new connection manager type of my own?
If I cant create new connection manager types then the purpose of being able to build custom connecton managers is defeated. Hence, what's the point in giving us the ability to create custom connection managers?
-Jamie
View 7 Replies
View Related
May 27, 2008
I've been trying to figure this out on my own for pretty much all of today, and part of last week. I've downloaded samples, searched this forum, blogs, etc. So I figured I would post, since it's the end of the day, and I'm not much further along.
I'm working on a custom transformation component, whose main function is to use SQL encryption/decryption to encrypt/decrypt data from the input columns, into the output columns. The component needs two strings, a key name and a certificate name, as well as the connection manager it should use to connect to SQL which will do the encryption/decryption.
Here's where I'm stuck:
1) How can I provide the key/certificate names via properties? What I'm expecting/looking for is a way to add these two properties at the component-level, which would show up under the "Custom Properties" section of the properties pane (currently, this only has one property, "UserComponentTypeName"). These key/certificate values will be used for all input columns.
2) How do I access the connection managers from within the component? What is the best way to go about using a connection manager from within my component to connect to SQL and perform the encryption/decryption? In a custom task, this was fairly simple, but it seems that same concept won't work on a transformation component.
3) Is there a better way to go about accomplishing this (column encryption via SQL from within SSIS)? Am I going about this all wrong?
As I said, I've searched for direction, but there seems to be next to nothing in the regards of a good reference for creating custom transformation components. I've looked at two MS samples, but can't seem to make any sense out of them.
Thanks in advance.
Jerad
View 3 Replies
View Related
Jun 2, 2006
I have looked at everything I could find on custom components, and I'm still confused about what has to be implemented in ReinitializeMetadata. The first custom component I'm trying to build is very similar to the Audit component, a derived column synchronous transformation that should be able to create any non-empty subset of four types of output columns.
I haven't found anything that does much with the inputs, the samples all seem to rely on RemoveInvalidInputColumns. I haven't found any substantial explanation of what this method actually does, or whether there are cases it doesn't handle. If it really handles all problems on the input side I don't need to know the details, but I'd like to hear some confirmation that this is the case.
For outputs, most of the sample projects seem to just call the base method. Some projects throw out all the output columns and create new ones to match the input columns one-to-one. Project Real throws away all the output columns and external metadata columns and creates a standard set of output columns with external metadata. The RegEx sample project uses information in a component custom property to tell it what output columns to expect, then adds missing columns and deletes unwanted columns. All of these approaches are using some reference information to inform it which outputs belong and which don't. What do you do when there is no other reference, just the output column and external metadata column collections?
The description for this method is "fix the errors found in Validate", but these projects just delete everything that wasn't perfect and recreate anything missing. In cases where the number and types of output columns require some user configuration, maybe a few custom properties, it seems a little high-handed to throw it all away and make them start from scratch. Or do you assume that this method isn't called unless the component state is really screwed up? It seems to me that simply adding or deleting input and output columns in the Advanced Editor would trigger ReinitializeMetadata because the external metadata would be out of sync. If it reacted by immediately re-adding an optional default column you deleted, or deleting an unconfigured column you just added, it would be pretty annoying.
Assuming that I wanted ReinitializeMetadata to actually fix things, I have some specific questions:
1 If an output column is not mapped to an external metadata column (or mapped to a nonexistent emc), should the output column be deleted or should a matching external column be created?
2 Same question reversed, if an external column is not mapped to any output column, should it be deleted or a matching output column created?
3 Would it make sense to look for compatible unmapped output and external columns and remap them?
4 If the user adds or deletes an output column in the advanced editor, was that an output column or an external metadata column?
And another thing, is there a definative list of which methods should be marked as not cls-compliant?
View 5 Replies
View Related
Oct 10, 2006
SQL2K SP4
The apps that connect to my SQL DB's (for internet use) use SQL
authentication (the app login so to speak). Anyways, a Java developer showed
me that he built into his app a way to retrieve that app login and password
from SQL Server. Obviously I wasn't very happy about this. So my questions:
1; Does anyone know if the same thing can be done using .NET code?
2; I've heard of a method using .Net Web Services (WS) for using WINNT
authentication even for internet apps. It would be that the app calls a WS,
that WS the passes in WIINT authentication to the DB and all is good. Has
anyone else out there used this type of security? Is there a link you can
provide?
3; If number 2 is implemented, does it then eliminate the possibility of
apps being able to retieve the sensitive information?
TIA, ChrisR
View 9 Replies
View Related
Sep 25, 2006
I want to create an MS Access front-end for my SQL database.
I want to create user accounts with passwords for each user.
Should I change SQL Server to "MIXED authentication mode" (SQL Server authentication and Windows authentication) ?
********************************************
*** Thank you very much in advanced, security gurus ***
********************************************
View 5 Replies
View Related
Sep 25, 2006
I have created logins and user accounts in SQL Server.
How come, when I open SQL Server, it did not prompt for passwords ?
How can I make it to do so ?
********************************************
*** Thank you very much in advance, security gurus ***
********************************************
View 2 Replies
View Related
Mar 15, 2007
Hello,
I realize that I am confused about SSIS and security.
In BIDS, I work on and modify my packages. That part I understand. Then, I want to build my project, then deploy to SQL Server 2005. I know how to do that too (for the most part, please see below):
My confusion arises around the "Protection Level" options in the package properties. Right now I have everything set to "EncryptSensitiveWithUserKey". My understanding is that I need to change this in order to run my packages from SQL Server jobs, because only the creator of the package can currently run the job.
So my question is, since I want to deploy to SQL Server, don't I want to change the "Protection Level" to "ServerStorage"?
However, it will not let me change the protection level to ServerStorage. It says "The protection level, ServerStorage, cannot be used when saving to this destination"... presumably because it is attempting to save to the file system.
However, even when I built out my packages and saved to SQL Server, I could not change the protection level either.
Which is why I am really confused... Once you save your packages to SQL Server, how do you make changes to the packages, so that the changes are reflected in the packages stored on SQL Server?
There is some concept I am not understanding here.
Thanks for any help
View 8 Replies
View Related
Aug 10, 2006
Hi Remus
Thank you for the email reply.
However i am still not 100% clear, dialog security with certificates when there are hundreds of remote services seems a bit complicated.
I have a few more questions.
1. you said "When sending the first message (any direction), we look up the 'best' certificate for each user"
My inititor sevice is owned by dbo, i have created certificates only for named users not dbo, how would this work?
2. I am going to try settin gup this again, but at the central service i will create a seprate user for each remote service, authorize the remote certificate for this user and use this user in the remote service binding for that remote service, is this correct or am i still doing somehting wrong?
3. How does all of this relate to the endpoint security, i ahve the same scenario, 1 pricipal id with all remote certificates authorized for it for the endpoint? I have no idea how i would have to setup different user for each remote servcie as far as the endpoint goes as there is no remote service binding to dictate which user to use ?
I will keep try and experimenting maybe i will get it right sooner or later.
Thank You
View 6 Replies
View Related
May 28, 2008
I am an Oracle DBA who inherited SQL Server administration. I have been to some 2005 training and I've been supporting several DB's for a while now but I still have some nagging security questions and would appreciate some help.
1) I needed to grant execute on a specific procedure but when I drilled down, I found that it already had execute in the EFFECTIVE PERMISSIONS. I would like to know how to tell where it got this permission from. I did some digging and found that execute appears to have been granted to the schema itself. I didn't know you could do that. Would this result in the effective permission that I observed?
2) I am trying to audit the permissions on existing principles. In Management Studio I drilled down and found permissions under Security and under Server Properties. There are also more permissions under Database Properties and Security and still more assigned at the specific object level. Where can I go or what can I query to see ALL the permissions a principle has been granted across the entire server?
3) If I grant a principle CONTROL to a schema does that also automatically confer DDL rights to said schema or would additional privs be required to perform DDL?
Thanks in advance,
Roger Westbrook
View 1 Replies
View Related
Sep 5, 2006
Hi,
I am new to SQL 2005, can someone give me some details instructions about how to do below two tasks:
All my developers are in a window domain user group, I need to grant dbo privileges to that domain group so then can do the their development work. The rule is all objects they create need to be owned by dbo not by there ID. ( I can€™t do it because I got €ś The €śDeafult_Schema clause cannot be used with a windows group€?)
Same as above but this time they only need select permission on tables nothing else.
Many thanks.
PC
View 1 Replies
View Related
Sep 17, 2007
<!--[if !supportLists]--><!--[endif]-->
I posted this question before, and got a response about Windows Update. However, I work in a larger corp. and need to know if there are any other answers to this? We use a patch client that rolls out patches and service packs after we have tested them in our environment. What can we do to stay as up to date as possible for security patches?
How are security patches for SQL Server Express made available (e.g., as separate distributions or bundled into other Microsoft patch distribution mechanisms)? Are there specific procedures that I need to put in place to ensure that it gets patched on end user machines?
-Kyle
View 1 Replies
View Related
Oct 3, 2007
Hello Everyone,
When I run my report from report manager, I get the following error message
Failed to load expression host assembly. Details: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
My report uses a custom assembly. I have already done the following
1. copied the assembly in the "reportserver�in" and the "common 7privateassemblies" area
2. Made the following entry in the rssrvpolicy.config
<CodeGroup
class="UnionCodeGroup"
version="1"
PermissionSetName="FullTrust"
Name="RSUtil.TranslationHelper"
Description="Translation Helper Utility">
<IMembershipCondition
class="UrlMembershipCondition"
version="1"
Url="C:Program FilesMicrosoft SQL ServerMSSQL.5Reporting ServicesReportServer�inAMOTest.dll"
/>
</CodeGroup>
3. Added the following line to my assemblyinfo.cs file
[assembly: AllowPartiallyTrustedCallers]
regards,
Abhishek.
View 9 Replies
View Related
Aug 22, 2006
Hi,
The custom security extension generates the following error, when try to access Report Manager. The specifications are as follows.
1. Its 64-bit SQL Server (Reporting Services) and installed as default instance.
2. The Report Server is accessible programmatically. I can publish, view reports without problems, but Report Manager gives an error.
3. Another instance (named instance) of Reporting Services with the same custom security extension on same server is working fine. Report Manager opens up without problems.
4. Both the instances working fine since 3 installation and configuration (3 months back). Now, only the Report Manager of the default instance is not openeing up.
ReportServerWebApp__08_22_2006_08_52_20.log
-------------------------------------------------------------------------
w3wp!ui!1!8/22/2006-08:52:56:: i INFO: Overwriting existing cookie
w3wp!ui!1!8/22/2006-08:52:57:: e ERROR: The report server is not responding. Verify that the report server is running and can be accessed from this computer.
w3wp!ui!1!8/22/2006-08:52:57:: e ERROR: HTTP status code --> 500
-------Details--------
Microsoft.ReportingServices.UI.Global+RSWebServiceWrapper+CantCommunicateWithReportServerException: The report server is not responding. Verify that the report server is running and can be accessed from this computer.
at Microsoft.ReportingServices.UI.Global.RSWebServiceWrapper.GetSecureMethods()
at Microsoft.SqlServer.ReportingServices2005.RSConnection.IsSecureMethod(String methodname)
at Microsoft.SqlServer.ReportingServices2005.RSConnection.ValidateConnection()
at Microsoft.ReportingServices.UI.Global.SecureAllAPI()
at Microsoft.ReportingServices.UI.ReportingPage.EnsureHttpsLevel(HttpsLevel level)
at Microsoft.ReportingServices.UI.ReportingPage.ReportingPage_Init(Object sender, EventArgs args)
at System.EventHandler.Invoke(Object sender, EventArgs e)
at System.Web.UI.Control.OnInit(EventArgs e)
at System.Web.UI.Page.OnInit(EventArgs e)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
w3wp!ui!1!8/22/2006-08:52:57:: i INFO: Overwriting existing cookie
w3wp!ui!1!8/22/2006-08:52:58:: e ERROR: Exception in ShowErrorPage: System.Threading.ThreadAbortException: Thread was being aborted.
at System.Threading.Thread.AbortInternal()
at System.Threading.Thread.Abort(Object stateInfo)
at System.Web.HttpResponse.End()
at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg) at at System.Threading.Thread.AbortInternal()
at System.Threading.Thread.Abort(Object stateInfo)
at System.Web.HttpResponse.End()
at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg)
The service is running fine. Any suggestions/pointers would be greatly appreciated.
THanks in advance
View 4 Replies
View Related
Apr 12, 2007
Hi,
I'm having a lot of trouble trying to set up a custom security extension with Reporting Services 2005. Following the VB example from McGraw Hill Osborne (http://www.mhprofessional.com/product.php?cat=112&isbn=0072262397&cat=112), I've compiled the .dll for the extension and made the changes to the ReportManager and ReportServer .config files. After I reset IIS and return to the RS website, it displays "The report server has encountered a configuration error..." and I get a message in my System Event log:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
to the user MYMACHINEASPNET SID (S-1-5-21-1708537768-839522115-1343024091-1005). This security permission can be modified using the Component Services administrative tool.
Wondering if anyone else has had similar trouble and how did they get around it?
View 2 Replies
View Related
Dec 28, 2006
Hello...
I am trying to verify that the ability to use the security extension to use Forms based authentication is available (or not) with SQL 2005 Standard. I have read a few books and articles that state that only the Enterprise edition will allow us to use the security extensions to customize authentication and authorization. But a few recently have told me otherwise.
Does anyone know for sure? We use Standard edition...and would like to customize our security.
thanks
- will
View 3 Replies
View Related
Jul 31, 2006
I have recently enabled a custom Forms Security on my Windows 2003 Server w/ SQL Server 2005 Reporting Services. All the functionality I would expect is working properly, except for the ability to deploy to the reports server from inside my Visual Studio 2005 Reports Project.
The 'Reporting Services Login' window opens, prompting me for a username and password. Regardless of what is supplied, the window keeps reappearing, and I am unable to deploy. I am able to upload the files from within the Report Manager, but that is time consuming and inelegant.
Any help would be greatly appreciated!
View 6 Replies
View Related
Dec 28, 2007
I follow the instructions here to deploy the sample security extension: http://www.codeplex.com/MSFTRSProdSamples/Wiki/View.aspx?title=SS2005!Security%20Extension%20Sample&referringTitle=Home
After I have configure the config files and created the "UserAccounts" database I restart the IIS and tried to connect to Report Manager at http://localhost/Reports
This is the error i got: The report server is not responding. Verify that the report server is running and can be accessed from this computer.
I went to Services and saw my Reporting Services is stopped. Tried to start Reporting Services and it timed out.
View 3 Replies
View Related
May 29, 2007
Hi All,
My application is currently integration with reporting services using custom security extension. I have my own USER and ROLE database to determine who/which role can access certain reports.
My question is how to give access a report to be viewable by everyone? I dont want to assign all users or all roles to achieve this.
The other thing that I found out is, let say I change the name one of the user/role. Because of this, the authorization will fail because the old name/role is not in the DB anymore. Is this expected? or is there a workaround it?
Your help is appreciated.
Thanks!
View 2 Replies
View Related
Apr 24, 2007
Hi,
Have compiled and set up a custom security extension for SQL Reporting Services on my local machine and got it working. However, I'm trying to copy the extension across to a different server. So far, I've tried copying the updated dlls straight from my machine to the server and making the relevant changes in Reporting Services .config files (rsWebApplication.config, rssvrpolicy.config, etc)
Initially, the Forms authentication redirects to a login page as expected. However, when we try to submit a login name and password from this login page, it throws this error message:
"Invalid URI: The format of the URI could not be determined."
Is copying the dlls straight across a bad idea?
If anyone has encountered a similar issue, do you know if there are there certain things I should be checking for, or have missed, when trying to replicate a custom security extension on a different machine?
(FYI, the original server where it worked was Windows XP SP2, new server is Windows Server 2003 SP1)
View 1 Replies
View Related
Mar 13, 2008
Ok, I need to test my webservice with the 'use custom server' option on so that I can specify a base URL that I can reference from apps on a remote machine. I have a connection string I am using to access a sql server db that has Integrated Security=true and windows login has a login for it created in the db.
However, whenever I try to call a webmethod I get this error:
System.Data.SqlClient.SqlException: Login failed for user ''. The user is not associated with a trusted SQL Server connection.
But when I call the same webmethod specifiying a sql login / pw, and not integrated security, my webmethod works.
I want to use integrated security though, please help!
View 2 Replies
View Related
May 21, 2008
Hi,
I've created a custom dll using ADOMD.net that takes in a few parameters (Username being one of them) and returns a set of Allowed Members to apply dynamic dimension security. Example:
Code Snippet
Security.GetSetList(UserName,1,"SQL Server")
This works fine for users with less than, say, 100 tuples/members in their set....however for users with more an error:
Error ocurred retreiving child nodes: The 'S' attribute in the 'S' dimension has a generated dimension security expression that is not valid. ...
However, if I take the same set and explicitly (ie
Code Snippet
{[S].[1],[S].[2],.......[S].[50000]}) put it in the Allowed set there's no issue!
I noticed that it takes the UDF a couple of seconds longer to return for users with a large security context. Is there a time-out parameter that controls this? Is there a limitation in the amount of members I can add via custom dll (UDF)? (Some users can have up to 70,000 members)
I should also mention that the UDF uses the StrtoSet function to convert the security context string to a set. The string can be as large as 210,000 characters. Is there a limitation on the string size that can be passed in this function?
Any assistance would be greatly appreciated.
Thanks!!
View 7 Replies
View Related
May 25, 2007
hi,
I am new to report server custom security.
I face the following problem and want to ask if there is a simple way to solve.
we have already running an IS API Filter which handles the authentication for all websites. The fiter is built to secure all websites. It verfies access to URLs and authrize users against an LDAP Directory. Affer the user has authenticated he can connect to the website. The ISAPI Filter sets the LOGONUSER Severvariable so the website can do userspecific filtering.
With the same ISAPI Filter we want to secure report server.
We want to setup roles with usernames to allow or deny specific reports. (this usernames should be validated against the servervariable LOGONUser - by String Comparison).
We do not have any windows authenitcation - and do not need.
The ReportServer User Variable should return this LOGON User to allow report secific data filtering
Is this possible - and explanation how?
Best Regards,
HANNES
View 3 Replies
View Related
Nov 13, 2006
Hello,
When I run my report from within visual studio 2005 it generates just fine.
However, when I run the report from the reporting services local web site I get the following error. What do I need to do to fix this (temporarily turning off .net security uusing caspol didn't work).
An error occurred while executing OnInit: Request for the permission of type 'System.Security.Permissions.EnvironmentPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed
View 9 Replies
View Related
Jan 21, 2008
Roles Table:
RoleID, RoleName
<RoleID1>, Allow_ClientFolder
<RoleID2>, Allow_ClientReportA
<RoleID3>, Allow_ClientReportB
<RoleID4>, Allow_CompanyFolder
<RoleID5>, Allow_CompanyReportA
<RoleID6>, Allow_CompanyReportB
UsersInRoles Table:
UserID, RoleID
<UserID1>, <RoleID1>
<UserID1>, <RoleID2>
<UserID2>, <RoleID4>
<UserID2>, <RoleID5>
<UserID2>, <RoleID6>
<UserID2>, <RoleID1>
<UserID2>, <RoleID3>
e.g.
when the <UserID1> clicks on the "home" link show only "Client" folder and when <UserID1> clicks on the "Client" folder only "ClientReportA" will show.
Here is the accessable map for each user:
<UserID1>
Client
ClientReportA
<UserID2>
Client
ClientReportB
Company
CompanyReportA
CompanyReportB
Question:
What is the best way to implement CheckAccess? At first I thought I can access the item names and I can test authorization through that, but AceCollection contains operation permission of the accessing object.
View 4 Replies
View Related
Mar 10, 2006
Hi,
I am trying the get the custom security extension samples to work on my machine. I have installed everything according the sameple help file. However, i am getting a "Authentication Ticket is not issued by LogonUser." error after I attempted to log on to the report manager thru UILogon.aspx page. I already created an admin user. Upon a closer inspection, I realized that the authentication went thru okay, however, the authentication Ticket Name contained in the "RSAuthenticationHeader" has a duplicate value of "sqlauthticket, sqlauthticket". So apparently, the report server added this value twice to the response header. Has anyone seen this error before? How would you fix it? Also to bypass this error, I parsed out the header and take the correct auth ticket name, now report manager just redisplays the logon page and not letting me thru. Has anyone have seen that before? I am running in Win 2003 server, IIS 6, .NET 2.0 and SQL server 2005 enterprise version.
Thanks for the help,
Eric
View 1 Replies
View Related
Mar 21, 2007
I have written CDE to retrieve and process data before generating the report. It works very well inside VS.Net. However, when deployed to the report server I get the following error
An error has occurred during report processing. Cannot create a connection to data source 'CallsTaken'. Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
I have added appropriate CAS entry in rssrvpolicy.config file as following
<CodeGroup
class="UnionCodeGroup"
version="1"
Name="CustomDataExtensionCodeGroup"
Description="Code group for the Custom Data Extension"
PermissionSetName="FullTrust">
<IMembershipCondition
class="UrlMembershipCondition"
version="1"
Url="C:Program FilesMicrosoft SQL ServerMSSQL.2Reporting ServicesReportServer�inCSS.CustomDataExtension.dll"/>
</CodeGroup>
I have added appropriate entry into rsreportserver.config for data extension as
<Extension Name="Dataset Extension" Type="CSS.RS.Extensibility.CustomDataExtension.DsConnectionWrapper, CSS.CustomDataExtension"/>
Even then I continue to get this error. Any help? Is there anything else I am missing? I am using VS .Net 2005, SRSS 2005 on W23 machine.
I have been stuck here for a while now. Help is appreciated.
Thanks
View 2 Replies
View Related
Sep 19, 2007
Hi,
I'm trying to deploy Reporting Services on an Internet-facing web server using a custom security extension (forms authentication). We will be putting Report Manager on the Web Server outside of the firewall, and Report Server on another machine inside the firewall. When testing the solution in a development environment with Report Manager and Report Server on the same box, the solution works fine.
When testing it using the Internet-facing environment described above, it almost works but there seems to be an issue with the authentication cookie that is generated. Here's what happens:
1. User enters credentials on UILogon.aspx and submits form.
2. In the code-behind, LogonUser() is called through a web service proxy and the authentication cookie is returned successfully. The code used here to set the cookie is the same code used in the Forms Authentication sample that ships with RS2005.
3. The user is redirected to Folder.aspx, and the request hangs for a while, and eventually kicks you back out to UILogon.aspx, as if it lost the authentication cookie. When doing a trace on the HTTP header, the cookie is still there.
Is there anything special I need to do to make the Report Server "see" the cookie when I have Report Manager and Report Server on different machines?
Any help would be much appreciated!
Mike
View 2 Replies
View Related
Mar 8, 2007
Hi,
I am creating a custom transformation component, and a custom user interface for that component.
In
my custom UI, I want to show the custom properties, and allow users to
edit these properties similar to how the advanced editor shows the
properties.
I know in my UI I need to create a "Property Grid".
In
the properties of this grid, I can select the object I want to display
data for, however, the only objects that appear are the objects that I
have already created within this UI, and not the actual component
object with the custom properties.
How do I go about getting the properties for my transformation component listed in this property grid?
I am writing in C#.
View 5 Replies
View Related
Aug 14, 2007
Hi,
I've created a Custom Data Flow Component and added some Custom Properties.
I want the user to set the contents using an expression. I did some research and come up with the folowing:
Code Snippet
IDTSCustomProperty90 SourceTableProperty = ComponentMetaData.CustomPropertyCollection.New();
SourceTableProperty.ExpressionType = DTSCustomPropertyExpressionType.CPET_NOTIFY;
SourceTableProperty.Name = "SourceTable";
But it doesn't work, if I enter @[System:ackageName] in the field. It comes out "@[System:ackageName]" instead of the actual package name.
I'm also unable to find how I can tell the designer to show the Expression editor. I would like to see the elipses (...) next to my field.
Any help would be greatly appreciated!
Thank you
View 6 Replies
View Related
Apr 2, 2007
Hi,
I'm trying to enable Expression for a custom property in my custom data flow component.
Here is the code I wrote to declare the custom property:
public override void ProvideComponentProperties()
{
ComponentMetaData.RuntimeConnectionCollection.RemoveAll();
RemoveAllInputsOutputsAndCustomProperties();
IDTSCustomProperty90 prop = ComponentMetaData.CustomPropertyCollection.New();
prop.Name = "MyProperty";
prop.Description = "My property description";
prop.Value = string.Empty;
prop.ExpressionType = DTSCustomPropertyExpressionType.CPET_NOTIFY;
...
}
In design mode, I can assign an expression to my custom property, but it get evaluated in design mode and not in runtime
Here is my expression (a file name based on a date contained in a user variable):
"DB" + (DT_WSTR, 4)YEAR( @[User::varCurrentDate] ) + RIGHT( "0" + (DT_WSTR, 2)MONTH( @[User::varCurrentDate] ), 2 ) + "\" + (DT_WSTR, 4)YEAR( @[User::varCurrentDate] ) + RIGHT( "0" + (DT_WSTR, 2)MONTH( @[User::varCurrentDate] ), 2 ) + ".VER"
@[User::varCurrentDate] is a DateTime variable and is assign to 0 at design time
So the expression is evaluated as: "DB189912189912.VER".
My package contains 2 data flow.
At runtime,
The first one is responsible to set a valid date in @[User::varCurrentDate] variable. (the date is 2007-01-15)
The second one contains my custom data flow component with my custom property that was set to an expression at design time
When my component get executed, my custom property value is still "DB189912189912.VER" and I expected "DB200701200701.VER"
Any idea ?
View 5 Replies
View Related
Aug 17, 2005
What I want to accomplish is that at design time the designer can enter a value for some custom property on my custom task and that this value is accessed at executing time.
View 10 Replies
View Related
