I need help regarding forms authentication in SSRS. I exactly followed the steps described in the article: http://blogs.msdn.com/bimusings/archive/2005/12/05/500195.aspx. However it doesn€™t seem to be working at my end. The only things that I didn€™t implement correctly are the two members of IExtension interface, here€™s the code for these two members;
public string LocalizedName
{
get { return "Naveed"; }
}
public void SetConfiguration ( string configuration )
{
//throw new Exception("The method or operation is not implemented.");
}
After performing all the steps mentioned in the article when I access http://<servername>/reports, it displays my login page alright, but when I submit the user credentials (whether right or wrong) it gives me:
€œAccess denied creating App_Data subdirectory€?
Description: For security reasons, the identity 'NAVEEDSIDDIQUIASPNET' (under which this web application is running), does not have permissions to create the App_Data subdirectory within the application root directory. ASP.NET stores the Microsoft SQL Express Database file used for services such as Membership and Profile in the App_Data subdirectory of your application.
Along with steps of how to grant the required permission. My question is why it is trying to create the new directory. Does it mean it is unable to find the database or does it mean something else? When I access http://<servername>/reportserver, it gives me:
An internal error occurred on the report server. See the error log for more details. (rsInternalError) Get Online Help
Could not load type 'Vantage.CustomSecurityExtension.Logon'.
Could not load type 'Vantage.CustomSecurityExtension.Logon'.
Could not load type 'Vantage.CustomSecurityExtension.Logon'.
Could not load type 'Vantage.CustomSecurityExtension.Logon'.
Here €˜Logon€™ is the name of the code-behind class of my login page.
I've used the code from UILogon.aspx (Forms Authentication Security Extension) to extend a proxy server in a windows application to manage the cookie when connecting to a Reporting Services web service.
When the proxy class is instantiated I get this error on the AuthCookie property: 'server.AuthCookie' threw an exception of type 'System.NullReferenceException'
The code executes properly in UILogon.aspx and AuthCookie is set to a null reference.
Please adviseif you can assist debugging this:
The code: ------------------------------------------------------ //using directives ------------------------------------------------------- using System; using System.Collections; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.IO; using System.Text; using System.Text.RegularExpressions; using System.Web.Services.Protocols; using System.Windows.Forms; //using rs2005 = Microsoft.SqlServer.ReportingServices.ReportService2005; using rs2005 = Microsoft.Samples.ReportingServices.RSExplorer.ws_reportservice2005; using System.Runtime.InteropServices; using Microsoft.SqlServer; using Microsoft.SqlServer.MessageBox; using System.Globalization; using System.Net; using System.Web;
----------------------------------------------- // proxy class -------------------------------------------- public class ReportServerProxy : rs2005.ReportingService2005 {
protected override WebRequest GetWebRequest(Uri uri) { HttpWebRequest request; request = (HttpWebRequest)HttpWebRequest.Create(uri); // Create a cookie jar to hold the request cookie CookieContainer cookieJar = new CookieContainer(); request.CookieContainer = cookieJar; Cookie authCookie = AuthCookie; // if the client already has an auth cookie // place it in the request's cookie container if (authCookie != null) request.CookieContainer.Add(authCookie); request.Timeout = -1; request.Headers.Add("Accept-Language", HttpContext.Current.Request.Headers["Accept-Language"]); return request; } [System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Usage", "CA2201oNotRaiseReservedExceptionTypes")] protected override WebResponse GetWebResponse(WebRequest request) { WebResponse response = base.GetWebResponse(request); string cookieName = response.Headers["RSAuthenticationHeader"]; // If the response contains an auth header, store the cookie if (cookieName != null) { Utilities.CustomAuthCookieName = cookieName; HttpWebResponse webResponse = (HttpWebResponse)response; Cookie authCookie = webResponse.Cookies[cookieName]; // If the auth cookie is null, throw an exception if (authCookie == null) { throw new Exception( "Authorization ticket not received by LogonUser"); } // otherwise save it for this request AuthCookie = authCookie; // and send it to the client Utilities.RelayCookieToClient(authCookie); } return response; } private Cookie AuthCookie { get { if (m_Authcookie == null) m_Authcookie = Utilities.TranslateCookie( HttpContext.Current.Request.Cookies[Utilities.CustomAuthCookieName]); return m_Authcookie; } set { m_Authcookie = value; } } private Cookie m_Authcookie = null; }
I have managed to get the Forms Authentication sample to work bu there is a hitch. I am running Report Server and Report Manager on the same(test) PC. I can logon to the Report Server without a problem but when I try logon from the UILogon.aspx page for Report Manager I receive the following error:
An error occurred while attempting to get the ReportServer Url. The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) An error occurred while attempting to get the ReportServer Url. The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)An error occured while attempting to get the ReportServer Url. The RPC server is unavailable.(Exception from HRESULT: 0x800706BA).
I can register users which suggests that the page can connect to the database.
I wonder if it is possible to set forms authentication for report manager but leave report server "as it is". I need to authenticate users from external LDAP and can't use windows authentication for report manager, but I would also like to leave report server open for anonymous users. In that way authenticated administrators could create reports which anonymous users could read.
I tested the Security Extension Sample and got it working when I rewrote the authentication part with my own LDAP authentication.
If I have understood correctly, the report manager is just application inside report server so is it possible to use forms authentication with one application but still leave the report server with Windows authentication?
I could really use help getting form authentication to work. I have a box with a web site and ReportingServices installed(which if I can get this working will be moved to the DMZ). The databases are on a different machine(which will on on our network).
I have been working with the sample provided with the install and this blog.
My problem is that I can logon and authenticate but when I call ListChildren() my System.Net.CredentialCache.DefaultCredentials is empty so I get nothing back from the call.
I know that I have a valid cookie because after I logon I can use the Reports and the ReportServer URL's and go directly to those pages.
Can someone tell me what I need to do to make ListChildren() work? Do I still call ListChildren()? Documentation is scarce and would appreciate any help provided.
I've implemented a membership provider and added it to Reporting Services. It works well from the user interface, but I am unclear on how to authenticate using rs.exe. When I run it with the trace option (-t), I get this back:
System.Exception: Could not connect to server: http://stsstg8642/reportserver/ReportService2005.asmx ---> System.Net.WebException: The request failed with the error message: -- <html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="/ReportServer/logon.aspx?ReturnUrl=%2freportserver%2fReportService2005.asmx">here</a>.</h2> </body></html>
--. at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall) at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) at Microsoft.SqlServer.ReportingServices2005.ReportingService2005.ListSecureMethods() at Microsoft.ReportingServices.ScriptHost.Management2005Endpoint.PingService(String url, String userName, String password, String domain, Int32 timeout) at Microsoft.ReportingServices.ScriptHost.ScriptHost.DetermineServerUrlSecurity() --- End of inner exception stack trace --- at Microsoft.ReportingServices.ScriptHost.ScriptHost.DetermineServerUrlSecurity() at Microsoft.ReportingServices.ScriptHost.ScriptHost.InstanceMain() at Microsoft.ReportingServices.BaseCmdLine.CommandLineMain(String[] args, BaseCmdLine instance)
We created a custom security extension for RS using Forms Authentication. The issue I am having is in ReportBuilder when the forms authentication ticket expires. Forms auth will attempt to redirect (send a HTTP 302) and the report builder will show the error message "Object moved to here" instead of prompt for credentials. I have been watching the IIS logs and I see the first time report builder start it attempt to connect using default windows credentials and after the FormsAuthenticationRequired exception it will prompt for credentials and invoke LogonUser method, but this only happens the first time or if change the server in the url. I was expecting ReportBuilder to consider the Forms Authentication expiration at any time.
I'm implementing Forms authentication, but I have users stored in two different databases. The "LogonUser" method in my AuthenticationExtension gets an "authority". In that way I can authenticate the user in the correct database.
But... the problem is the CheckAccess method of my AuthorizationExtension. Is it in any way possible to reach the "authority" information from inside it? I need to grant some access to users of the first database and some other access to the users of the second database.
I have successfully implemented forms authentication in RS. It works great to navigate to https://myserver/Reports. I get redirected to the login-page etc. It also works great to use the ReportViewer from within my WinForms app, using the
method. I'm also able to communicate with RS through it's web services by first calling the 'LogonUser' method. However, to get that to work I had to inherit the ReportExecutionService for the cookie-handling to work.
Now over to my problem (the only thing so far I haven't got working). I'm trying to use a ReportViewer on an ASP.net web page to access the reports. I have understood that 'SetFormsCredentials' is not avaliable here. Instead, as far as I have understood, I should implement my own IReportServerCredentials . The critical method there I guess is
GetFormsCredentials(out Cookie authCookie, out string formsUser, out string formsPassword, out string formsAuthority)
, am I right?
It's here my problem starts. The examples I have seen haven't implemented this method since they use other types of authentication. So, I would need an example of what to fill that method with...
I have some reports on a report server that needs to be reached in two ways. 1 - From a windows client application (over internet) 2 - From a web browser (over internet) Windows authentication could not be used here, since the users are not part of any domain etc, so I have implemented forms authentication for Reporting Services as described here: http://msdn2.microsoft.com/en-us/library/ms160724.aspx My first task was to access the reports from the windows forms application, and I managed to do that without too much trouble using a ReportViewer and setting the custom credentials in this way: myReportViewer.ServerReport.ReportServerCredentials.SetFormsCredentials(null, "loginname", "password", ""); Works great! However, now I'm dealing with the second problem... accessing the reports from the web. Sure, this works fine if i just type http://myserver/reports/. This brings up the custom loginpage and if I enter correct login information I get access to the reports... The problem is that I don't want to show everything 'around' (on top of) the report, I just want to show a report. Lets say I have a webpage with two frames. One on the left with a couple of links each representing a singel report. When clicking the link the report should be rendered in the right frame. What approach should I use here? When and where should the user authentication take place? I have done some testing with an ASP.NET application using a report viewer, but I seem to get the error: Client found response content type of 'text/html; charset=utf-8', but expected 'text/xml' I guess this is because Reporting services wants to bring up the login page? I can't find any way of setting the credentials for the reportViewer in my ASP.NET app, like I did in the WinForms app. I'm really not a web-developer so I might be missing some obvious points here, if I do, please point me in the right direction... I have also read about using the Report server web service to render the html-page without using the reportviewer, but when I try to make a call to a service like this: ReportingService _rs = new ReportingService(); _rs.Url = "http://myServer/ReportServer/ReportService.asmx"; CatalogItem[] items = _rs.ListChildren("/", true); I get an exception like the one above, telling: Client found response content type of 'text/html; charset=utf-8', but expected 'text/xml' Where should I go from here... any help would be much appriciated! Regards Andreas
After implementing custom security extension for forms authentication, the report server works fine with Report Manager and web application. However, there is a problem with Report Builder.
It gives SecurityException "That assembly does not allow partially trusted callers.". Its becos I am using my own security assembly for authentication. I resolved this issue by using the following in my assemblyinfo.cs
However, now when I login to Report Builder it gives me error System.IO.FileNotFoundException. Its not able to find my security assembly.
I also tried giving FullTrust to the assembly using Framework 2.0 Configuration. I read somewhere that the ClickOnce application caches its last called settings in the manifest file and you have to delete the manifest and manually alter the security in the application settings(properties).
Is this true? Is there any solution to this issue? Is this really an issue with clickonce application?
On my current project we have a requirement to re-authenticate the user when accessing sensitive information.
We want re-authenticate using standard NT logins against Active Directory (not a custom database or SSO.
This is trivial to configure using Basic Authentication, however I would like to use an ASP.NET login form. I would like to avoid writing a security extension as I do not want to perform custom authentication. I would like the web service to use it's built in authentication and authorisation mechanisms.
Is the above possible???
The following gives some more details about wht I've tried.
I have tried configuring the report server/manager with Forms authentication as in the sample but cannot get it to work with out implementing the security extensions.
I changed the web.config files and the policy files for permissioning my dll with FullTrust. I did not configure an extension as I want reporting services to use it's built in windows security mechanisms.
In the login page code behind I call the ReportingService2005.LogonUser() method which always throws the following exception: Client found response content type of 'text/html; charset=utf-8', but expected 'text/xml'. The request failed with the error message: --
Reporting Services Error
The report server has encountered a configuration error. See the report server log files for more information. (rsServerConfigurationError) Get Online Help
SQL Server Reporting Services --.
I check the log file and it has the following:
at System.Web.UI.Page.HandleError(Exception e) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) at System.Web.UI.Page.ProcessRequest(HttpContext context) at ASP.logon_aspx.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) aspnet_wp!library!18!03/13/2007-11:38:23:: e ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException: An internal error occurred on the report server. See the error log for more details., ; Info: Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException: An internal error occurred on the report server. See the error log for more details. ---> System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.FormatException: Input string was not in a correct format. at System.Text.StringBuilder.FormatError() at System.Text.StringBuilder.AppendFormat(IFormatProvider provider, String format, Object[] args) at System.String.Format(IFormatProvider provider, String format, Object[] args) at Microsoft.Samples.ReportingServices.CustomSecurity.Logon.ServerBtnLogon_Click(Object sender, EventArgs e) in C:Program FilesMicrosoft SQL Server90SamplesReporting ServicesExtension SamplesFormsAuthentication SamplecsFormsAuthenticationLogon.aspx.cs:line 130 at System.Web.UI.WebControls.Button.OnClick(EventArgs e) at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) at System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) --- End of inner exception stack trace --- at System.Web.UI.Page.HandleError(Exception e) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) at System.Web.UI.Page.ProcessRequest(HttpContext context) at ASP.logon_aspx.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) --- End of inner exception stack trace --- aspnet_wp!library!18!03/13/2007-11:38:24:: i INFO: Exception dumped to: c:Program FilesMicrosoft SQL ServerMSSQL.3Reporting ServicesLogFiles flags= ReferencedMemory, AllThreads, SendToWatson aspnet_wp!library!1!03/13/2007-11:39:11:: e ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: The report server has encountered a configuration error. See the report server log files for more information., Could not load Authentication extension; Info: Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: The report server has encountered a configuration error. See the report server log files for more information.
Am I missing something? Is this even possible? If not, then why isn't it possible?
It feels like I've been going round in circles on something that shouold be pretty trivial to configure.
I have a user who is trying to access the SQL 2005 server with 2 seperate accounts(using Windows Authentication). With one account he can connect just fine, but with the seccond he recieves a logon fail error. The only difference that we can tell is that the first account uses a password for our kerberos domain, and the second (that fails) uses a longer pass phrase (which does use spaces as characters). My intuition tells me that shouldn't matter, but I've been wrong before. Can anyone confirm this, or correct me if I'm wrong? This is using ASP.NET 2005 for the front end. The exact Exception details are: "System.Data.SqlClient.SqlException: Login failed for user 'domainuser "
I'm trying to get the forms authentication sample working - I have followed the instructions given in the ReadMe that came with the samples. When I try to browse to localhost/reportserver (on the server), instead of seeing the logon page as expected, I get the following error message:
An internal error occurred on the report server. See the error log for more details. (rsInternalError) Get Online Help
Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
I built the sample in VS 2005, and am using v2 of .net. Reporting services is installed on a windows server 2003 machine.
This has been driving me crazy for a while now. Any help would be greatly appreciated!
I am using Reporting services 2005 and have enabled forms authentication using the example found in: 'C:Program FilesMicrosoft SQL Server90SamplesReporting ServicesExtension SamplesFormsAuthentication Sample' This works correctly without SSL, but when I enable SSL I get an error when logging in. The symptoms are as follows. I can login to the reporting server (in my case <server>/ReportServer2) directory, but when I login to the report manager (in my case at <server>/Reports2) I get the following error: 'The underlying connection was closed: An unexpected error occurred on a send.' Can anyone suggest why I might be getting this error?
I have implemented forms authentication via a custom security extension in RS2005 as described in a relevant sample. I am asked for credentials when accessing the Report Manager and the Report Builder, however I can no longer connect to the report server in SQL Server Management Studio (I get HTML code as the error message) and the Preview tab in the Report Designer now fails with User Not Authorized.
I can live with the first problem, but the Report Designer needs to work. When I debug the extension, I can see that LogonUser method is being passed empty strings. This makes sense, since the Report Designer has not asked me for the credentials. Do I need to modify any the of the Designer configs to have it pop up the username/password window (similar to Report Builder) or is the only solution to use Windows Authentication on development machines and Forms Authentication in production?
We've successfully set up SSRS with forms Authentication (yea - wasn't easy!)
If we browse to the default web site, we get the login page. Once we authenticate, we can move around the site and run reports.
If however, we try to access a page (other than the login page) while we're not authenticated we get an exception instead of being redirected to the login page:
Object reference not set to an instance of an object
If we set the Reportmanagerweb.config file to use Windows authentication, we get a 401 Access Denied page instead.
My first inclination would be to override the Global.asax file for SSRS, swallow the exception and redirect to the Login page. Not sure how to do this since the Global.asax.cs page isn't in the folder (I assume the compiled version hidden away somewhere).
It's not just the intial login either, timeouts are especially frustrating because, instead of being redirected to the login page, the users get the exception.
Any idea what might be causing the exception in the first place?
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="/ReportServer/logon.aspx?ReturnUrl=%2freportserver%2fReportExecution2005.asmx">here</a>.</h2> </body></html>
I have developed a custom authentication extension to Reporting Services 2005, using Visual Studio 2005 C#.
In local integration tests the extension behaved as expected, honouring the role based security of our main system. Following the deployment steps laid out from numerous sources all worked perfectly. We were optimistic.
I've since deployed to a 'live' user acceptance staging server, using the same procedures used in Integration and it's behaving incorrectly.
Initially the log in page is displayed as expected, at this point SQL dumps occur in the RS Log directory, the same as is seen here: http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=1750128&SiteID=1
Hopefully there'll be a resolution to that soon. As described in that topic, the main page of Report Manager appears.
After this it all goes wrong.
Sometimes we can browse to a folder and run a report. But after running the report, trying to run something else, or browse back to the containing folder we are presented with the error page with the message:
The permissions granted to user '' are insufficient for performing this operation.
Clicking on the home link brings up the top title and nothing else and you have no option but to close the site and re-login.
Sometimes you get the above message before you can even run a report. The error logs have the message listed at the end of this post.
Other times you log in to the website and the folders don't even appear, just the top title bar.
I have since added some verbose logging in each of the implemented methods in the extension DLL. The permission checking method return true and all the various data in each method appears as expected.
I have checked, checked again and re-checked all the configuration files, they match the local Integration files, barring the machine specific keys etc, they weren't just overwritten.
The location of the log directory where my internal logs are written is read from the configuration files via the SetConfiguration methods, if that wasn't set correctly then there wouldn't be any logs at all, so the configuration is being read correctly by the extension.
One other think that I've noticed is that the back door user that is configured in the config files works perfectly, but I can't see how this can make any sort of a difference as it returns the same result in the extension DLL as a 'normal' user does at the same point in the code.
Can someone please help me, and my poor scalp, it's losing hair at a rate of knots.
Set up: Windows Server 2005 SQL Server 2005 Service Pack 2 (Developer) IIS 6
Error message in the log files:
w3wp!library!1!27/06/2007-10:04:20:: e ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.AccessDeniedException: The permissions granted to user '' are insufficient for performing this operation., ; Info: Microsoft.ReportingServices.Diagnostics.Utilities.AccessDeniedException: The permissions granted to user '' are insufficient for performing this operation. w3wp!ui!1!27/06/2007-10:04:20:: e ERROR: The permissions granted to user '' are insufficient for performing this operation. w3wp!ui!1!27/06/2007-10:04:20:: e ERROR: HTTP status code --> 500 -------Details-------- Microsoft.ReportingServices.Diagnostics.Utilities.AccessDeniedException: The permissions granted to user '' are insufficient for performing this operation. w3wp!ui!1!27/06/2007-10:04:20:: e ERROR: Exception in ShowErrorPage: System.Threading.ThreadAbortException: Thread was being aborted. at System.Threading.Thread.AbortInternal() at System.Threading.Thread.Abort(Object stateInfo) at System.Web.HttpResponse.End() at System.Web.HttpServerUtility.Transfer(String path, Boolean preserveForm) at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg) at at System.Threading.Thread.AbortInternal() at System.Threading.Thread.Abort(Object stateInfo) at System.Web.HttpResponse.End() at System.Web.HttpServerUtility.Transfer(String path, Boolean preserveForm) at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg)
Sorry for the long post but I'll try to give a maximum of information.
I've tried to implement Form Authentication for Reporting Services. Right now, just about everything works as I would hope for, i.e.:
When I try to access http://<server>/ReportServer$SQLSERVER_2005, I am redirected to the authentication form. When successfully authenticated, I can access the report I can display reports throught the ReportViewer Web control by passing the authentication cookie. Etc.
(Note: My implementation of Form Authentication was inspired by http://www.devx.com/dotnet/Article/26759/0/page/1 which seems similar to Microsoft Sample)
(The $SQLSERVER_2005 suffix is because SQL Server 2000 is also installed on the server, but I don't think Reporting Services 2000 is installed)
There is one thing which does not work however and it is the Report Manager.
When I try to access http://<server>/Reports$SQLSERVER_2005, I would expect to be redirected to the /Pages/UILogon.aspx page. Instead, I get an error page with the following message:
"The report server is not responding. Verify that the report server is running and can be accessed from this computer."
Both ReportServer and Reports are on the same server, both have the same security on the folder and in IIS (6.0), both have Anonymous security access "checked".
If I revert to the old .config files (prior to my modifications for Form Authentication) and remove Anonymous from IIS for both sites, everything works fine (like it did after the installation).
Here are excerpts from the config files I've modified in ReportManager:
<CodeGroup class="FirstMatchCodeGroup" version="1" PermissionSetName="FullTrust" Description="This code group grants MyComputer code Execution permission. "> <IMembershipCondition class="ZoneMembershipCondition" version="1" Zone="MyComputer" />
Web.config:
<identity impersonate="false" />
Here is the content of the log ReportServerWebApp_*.log (see error in bold):
<Header> <Product>Microsoft SQL Server Reporting Services Version 9.00.1399.00</Product> <Locale>en-US</Locale> <TimeZone>Eastern Standard Time</TimeZone> <Path>C:Program FilesMicrosoft SQL ServerMSSQL.3Reporting ServicesLogFilesReportServerWebApp__11_10_2006_08_32_34.log</Path> <SystemName>MSCAPP02</SystemName> <OSName>Microsoft Windows NT 5.2.3790 Service Pack 1</OSName> <OSVersion>5.2.3790.65536</OSVersion> </Header> w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing MaxActiveReqForOneUser to '20' requests(s) as specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing MaxScheduleWait to default value of '1' second(s) because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing DatabaseQueryTimeout to default value of '30' second(s) because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing ProcessRecycleOptions to default value of '0' because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing RunningRequestsScavengerCycle to default value of '30' second(s) because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing RunningRequestsDbCycle to default value of '30' second(s) because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing RunningRequestsAge to default value of '30' second(s) because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing CleanupCycleMinutes to default value of '10' minute(s) because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing DailyCleanupMinuteOfDay to default value of '120' minutes since midnight because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing WatsonFlags to default value of '1064' because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing WatsonDumpOnExceptions to default value of 'Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException,Microsoft.ReportingServices.Modeling.InternalModelingException' because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing WatsonDumpExcludeIfContainsExceptions to default value of 'System.Data.SqlClient.SqlException,System.Threading.ThreadAbortException' because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing SecureConnectionLevel to default value of '1' because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing DisplayErrorLink to 'True' as specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing WebServiceUseFileShareStorage to default value of 'False' because it was not specified in Configuration file. w3wp!ui!5!11/10/2006-08:32:39:: e ERROR: The report server is not responding. Verify that the report server is running and can be accessed from this computer. w3wp!ui!5!11/10/2006-08:32:39:: e ERROR: HTTP status code --> 500 -------Details-------- Microsoft.ReportingServices.UI.Global+RSWebServiceWrapper+CantCommunicateWithReportServerException: The report server is not responding. Verify that the report server is running and can be accessed from this computer.
at Microsoft.ReportingServices.UI.Global.RSWebServiceWrapper.GetSecureMethods()
at Microsoft.SqlServer.ReportingServices2005.RSConnection.IsSecureMethod(String methodname)
at Microsoft.SqlServer.ReportingServices2005.RSConnection.ValidateConnection()
at Microsoft.ReportingServices.UI.ReportingPage.EnsureHttpsLevel(HttpsLevel level)
at Microsoft.ReportingServices.UI.ReportingPage.ReportingPage_Init(Object sender, EventArgs args)
at System.EventHandler.Invoke(Object sender, EventArgs e)
at System.Web.UI.Control.OnInit(EventArgs e)
at System.Web.UI.Page.OnInit(EventArgs e)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) w3wp!ui!5!11/10/2006-08:32:40:: e ERROR: Exception in ShowErrorPage: System.Threading.ThreadAbortException: Thread was being aborted. at System.Threading.Thread.AbortInternal() at System.Threading.Thread.Abort(Object stateInfo) at System.Web.HttpResponse.End() at System.Web.HttpServerUtility.Transfer(String path, Boolean preserveForm) at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg) at at System.Threading.Thread.AbortInternal() at System.Threading.Thread.Abort(Object stateInfo) at System.Web.HttpResponse.End() at System.Web.HttpServerUtility.Transfer(String path, Boolean preserveForm) at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg)
So that's it. Thanks for any help you can provide.
Greetings. I have developed our own custom security extension, implemented forms based authentication, and can authenticate from report manager, report server and sql studio. So far so good.
However, when it comes to Authorization, i'm unclear in a few areas and would appreciate if someone could help me out with the following questions. It should be noted that in the code I have granted an administrator user full access to all operations and permissions, and then tested against both an administrator user and a normal user.
"Returns the set of permissions granted a specific user for an item in the report server database."
Inparticular, the secDesc parameter is supposed to contain the security descriptor associated with the item.
However, with our extension this parameter is always null, even if I have already granted access for a user, which is confirmed through logging in CreateSecurityDescriptor.
Through the report manager or sql studio I can see that the permissions have been created, so I can't understand why I never see them in the GetPermissions method? This then (seems to) flow through to the various CheckAccess methods, where the users are authenticated, but are not authorized to perform any operations. i.e. in report manager a user has no folders or reports available.
Is RS authorization designed around the concept that the details will always be stored in it's own database?
Ideally, we'd like to have the various roles, users and function authorizations defined in our own security framework. This is working great for the authentication aspect of the extension, but unless there is a mechanism which exposes the details of the particular authorization process (e.g. the name of the folder being viewed or report being run), then I can't see a way we can implement it. Unless i'm missing something fundamental of course!
Using Report Builder as the Administrator user (or any other user), I can see no data models available, even though I have created them via Report Manager, and I get the following exception trying to open up the list of reports:
System.Web.Services.Protocols.SoapException: The permissions granted to user '' are insufficient for performing this operation. ---> Microsoft.ReportingServices.Diagnostics.Utilities.AccessDeniedException: The permissions granted to user '' are insufficient for performing this operation. at Microsoft.ReportingServices.Library.ListChildrenAction.PerformActionNow() at Microsoft.ReportingServices.Library.RSSoapAction.Execute() at Microsoft.ReportingServices.WebServer.ReportingService2005.ListChildren(String Item, Boolean Recursive, CatalogItem[]& CatalogItems)
I have implemented a report server proxy (inherited from ReportService2005) as per the example, to pass through the authorization cookie. Any clues as to what could be wrong?
Finally, I suspect part of my problem may be in assignment of users to System Roles ("System Administrator" and "System User"), I'm not sure if these are meant only for Windows Authentication? I can see no way of assigning these roles to any of my users using Forms Authentication.
I have SRS configured in SharePoint Integration mode. I have exposed a site collection under two MOSS-enabled websites - the first site has Forms Authentication enabled and the second site has Windows Integrated security enabled.
I have noticed that when I access the website with Forms Authentication I an unable to select "New (Report Model/Report Builder/Report DataSource)" options on my SRS integrated document library. When I access the site using WIndows Integrated security the menu options appear fine. Is there some sort of security trimming happening here that I am not aware of?
Hi all, I am using forms authetication to log in to reporting services. I am using logonuser method of reporting services web service. I am getting the following error when i try to log in
System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.Exception: An error occurred while attempting to verify the user.Login failed for user 'SON-1499IUSR_SON-1499'. at Microsoft.Samples.ReportingServices.CustomSecurity.AuthenticationUtilities.VerifyPassword(String suppliedUserName, String suppliedPassword) at Microsoft.Samples.ReportingServices.CustomSecurity.AuthenticationExtension.LogonUser(String userName, String password, String authority) at Microsoft.ReportingServices.WebServer.RSCustomAuthentication.LogonUser(String userName, String password, String authority) at Microsoft.ReportingServices.WebServer.ReportingService2005Impl.LogonUser(String userName, String password, String authority) at Microsoft.ReportingServices.WebServer.ReportingService2005.LogonUser(String userName, String password, String authority) --- End of inner exception stack trace ---
I have LocalMachine/ASPNET web service identity set in Reporting Services Configuration on Windows XP .
Hey, I was just wondering if someone could point me in the right direction on an issue. I've got the authentication portion of a custom security extension working properly (while authorization is just sort of giving everyone a pass) and all of my Googling efforts seem to be bearing little fruit. Now that authentication is in place, whenever I try to deploy a report from Visual Studio, it comes up with an error.
The error is that it is getting the authentication html login page set in web.config (as I expected), while it was looking for an xml page. I'm a bit new to this side of things so I'm not really even sure where I should be looking to see what kind of xml page it wants and such.
I don't need anyone to bother explaining the entire thing to me as I should be able to figure it out once I can get a start, but as I said I just need a kick in the right direction because my Google-fu has failed
Well, I have SQL Server 2005 SP2 Reporting Services installed and configured in sharepoint integrated mode, so I am deploying reports in sharepoint libraries. Also I configured sharepoint to use forms authentication with builtin AspNetSqlMembership provider, but after this action I couldnot open reports through sharepoint library, instead of this, error was displayed mentioned below. I searched and found hotfix Cumulative Update 3 build 3186 for this issue, request it from microsoft support and applied it, but nothing has changed!
Error I have been experiencing is following:
An unexpected error occurred while connecting to the report server. Verify that the report server is available and configured for SharePoint integrated mode. --> The request failed with the error message: -- <html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="/_layouts/login.aspx?ReturnUrl= %2f_vti_bin %2fReportServer%2fReportService2006.asmx">here</a>.</h2> </body></html>
I continued to dig and find out that this hotfix should update Microsoft.ReportingServices.SharePoint.UI.WebParts.dll from version 9.0.3042.0 to new version 9.0.3180.0, but when I checked file version after applying hotfix, it remained the same as was before i.e. 9.0.3042.0. Apparently this cumulative update does not fix this issue. anyone has any idea how to solve it? Thanks in advance.
Hello, I have run into a strange problem with RS 2000. I have a base class that will call a reporting server web service, render a report to pdf, then write the report output to the stream. This has worked fine for me for reports.
However, when I render a graph to pdf, I get the following exception:
I only get this exception in our staging environment, not locally.
Here is a code snippet from the ReportServerProxy class, but it is pretty textbook according to the MSDN samples..
public class ReportServerProxy : ReportingService { protected override WebRequest GetWebRequest(Uri uri) { HttpWebRequest request; request = (HttpWebRequest)HttpWebRequest.Create(uri); // Create a cookie jar to hold the request cookie CookieContainer cookieJar = new CookieContainer(); request.CookieContainer = cookieJar; Cookie authCookie = AuthCookie; // if the client already has an auth cookie // place it in the request's cookie container if (authCookie != null){ request.CookieContainer.Add(authCookie); } ...
}
As I said, I can run reports one after another without issue, graphs are causing me problems.
I have installed SP2 on my SQL 2005 instance which also houses RS of course. Additionally I installed WSS3.0 without configuring it so it has the Object Model installed (should be enough?)
I am running WSS 3.0 on a seperate Server and have the Add-in installed on there.
Following the installation instructions I am going to Application Management to configure WSS, but there is no section called "Reporting Services". Looking on the Report Server, in the Configuration I see the following error under the SharePoint Integration Setting:
The report server cannot access settings in the SharePoint configuration database. Most likely, the Windows SharePoint Services object model is not installed or the Report Server Web Service and Windows service accounts do not have access to SharePoint databases. To configure service account access, use SharePoint Central Administration.
In my SharePoint Site I do see a SharePoint section under the "Site Settings" for managing shared schedules but I think the main issue is, that I don't see that section in Central Administration.
I have a Report Server setup on my laptop (XP Pro SP2). I have developed a report which I would like to view from a Windows Forms Application (VB.NET) using a ReportViewer. When I try it from the local machine it works correctly, but if I try to connect and preview the same report from my other PC (Vista Home Premium) I am getting the "Unable to connect to the remote server. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because the connected host failed to respond." error.
I have setup the Processing mode to Remote and correctly setup the ReportPath and ReportServerUrl using:
With rptRetEmp .ProcessingMode = Microsoft.Reporting.WinForms.ProcessingMode.Remote .ServerReport.ReportServerUrl = New Uri("http://192.168.1.2/CPMReports") .ServerReport.ReportPath = "/CPM_Reports/Test" .ServerReport.Refresh() .RefreshReport() End With
Where CPMReports is the Report Server virtual directory and CPM_Reports is the folder where the report Test resides.
I do not know if this has anything to do with the fact that Vista Home does not have Report Services enabled or it is just a permissions problem. I have red several posts that describe similiar problems, but I could not find a solution.