I'm trying to incorporate the /ReportServer virtual into our application web
site so we can point the Report Viewer control to /ReportServer rather than
<default web site's IP>/ReportServer. I'm trying to remove authentication
from <app>/ReportServer, but I've been unable to keep it from popping up
that blasted login dialog box. I've briefly tried using the FormsAuth
sample and even rewrote it to always return True from all the authentication
functions, but neither solved my problem.
The application is under Forms Auth. I just want the ReportServer virtual
to run in that context. At this point, I don't even care if it's really
keeping authentication or just letting anyone who happens to type in
http://<our_app>/ReportServer go uncontested. It's extremely frustrating,
and it doesn't work for any users as it is now.
This is SQL Server Standard, so I don't know if custom security extensions
(assuming I really had any clue as to how they worked or how to set them up)
would even work (I came across a page that says only Enterprise supports
them).To my knowledge, for IE to give your windows authentication credentials
automatically to IIS, you have to adresse the website using a machine name.
Use something like http://computername/ReportServer
Suppose your server is named BigBox.leetdomain.com
Address it using http://BigBox/ReportServer
I never had to mess around with the report server security as we want
windows authentication and the report server will not be used externally. It
seems to be configured fine by default.
"DJM" wrote:
> I'm trying to incorporate the /ReportServer virtual into our application web
> site so we can point the Report Viewer control to /ReportServer rather than
> <default web site's IP>/ReportServer. I'm trying to remove authentication
> from <app>/ReportServer, but I've been unable to keep it from popping up
> that blasted login dialog box. I've briefly tried using the FormsAuth
> sample and even rewrote it to always return True from all the authentication
> functions, but neither solved my problem.
> The application is under Forms Auth. I just want the ReportServer virtual
> to run in that context. At this point, I don't even care if it's really
> keeping authentication or just letting anyone who happens to type in
> http://<our_app>/ReportServer go uncontested. It's extremely frustrating,
> and it doesn't work for any users as it is now.
> This is SQL Server Standard, so I don't know if custom security extensions
> (assuming I really had any clue as to how they worked or how to set them up)
> would even work (I came across a page that says only Enterprise supports
> them).
>
>|||The Forms Authentication sample from MSDN gives you instructions on how to
restore to default non-forms-authentication settings.
Basically, it's not recommended since you'll have to re-do your report
permissions. And if you don't have the original .config files backed up,
you'll have a VERY difficult time.
--
'(' Jeff A. Stucker
\
Business Intelligence
www.criadvantage.com
---
"DJM" <msnews@.puddlestheshark.com> wrote in message
news:e6Cz03NzEHA.2600@.TK2MSFTNGP09.phx.gbl...
> I'm trying to incorporate the /ReportServer virtual into our application
> web
> site so we can point the Report Viewer control to /ReportServer rather
> than
> <default web site's IP>/ReportServer. I'm trying to remove authentication
> from <app>/ReportServer, but I've been unable to keep it from popping up
> that blasted login dialog box. I've briefly tried using the FormsAuth
> sample and even rewrote it to always return True from all the
> authentication
> functions, but neither solved my problem.
> The application is under Forms Auth. I just want the ReportServer virtual
> to run in that context. At this point, I don't even care if it's really
> keeping authentication or just letting anyone who happens to type in
> http://<our_app>/ReportServer go uncontested. It's extremely frustrating,
> and it doesn't work for any users as it is now.
> This is SQL Server Standard, so I don't know if custom security extensions
> (assuming I really had any clue as to how they worked or how to set them
> up)
> would even work (I came across a page that says only Enterprise supports
> them).
>
>|||But the standard is Windows Authentication. I still get the
username/password dialog when trying to access a report via report viewer
control from my website.
"Jeff A. Stucker" <jeff@.mobilize.net> wrote in message
news:O$FUn9OzEHA.3708@.TK2MSFTNGP14.phx.gbl...
> The Forms Authentication sample from MSDN gives you instructions on how to
> restore to default non-forms-authentication settings.
> Basically, it's not recommended since you'll have to re-do your report
> permissions. And if you don't have the original .config files backed up,
> you'll have a VERY difficult time.
> --
> '(' Jeff A. Stucker
> \
> Business Intelligence
> www.criadvantage.com
> ---
> "DJM" <msnews@.puddlestheshark.com> wrote in message
> news:e6Cz03NzEHA.2600@.TK2MSFTNGP09.phx.gbl...
>> I'm trying to incorporate the /ReportServer virtual into our application
>> web
>> site so we can point the Report Viewer control to /ReportServer rather
>> than
>> <default web site's IP>/ReportServer. I'm trying to remove
>> authentication
>> from <app>/ReportServer, but I've been unable to keep it from popping up
>> that blasted login dialog box. I've briefly tried using the FormsAuth
>> sample and even rewrote it to always return True from all the
>> authentication
>> functions, but neither solved my problem.
>> The application is under Forms Auth. I just want the ReportServer
>> virtual
>> to run in that context. At this point, I don't even care if it's really
>> keeping authentication or just letting anyone who happens to type in
>> http://<our_app>/ReportServer go uncontested. It's extremely
>> frustrating,
>> and it doesn't work for any users as it is now.
>> This is SQL Server Standard, so I don't know if custom security
>> extensions
>> (assuming I really had any clue as to how they worked or how to set them
>> up)
>> would even work (I came across a page that says only Enterprise supports
>> them).
>>
>|||And since the report server *is* being accessed externally, it's quite
definitely not fine for our needs.
"/dev/null" <devnull@.discussions.microsoft.com> wrote in message
news:2BD4677A-BEF2-4048-92B9-316F38813E85@.microsoft.com...
> To my knowledge, for IE to give your windows authentication credentials
> automatically to IIS, you have to adresse the website using a machine
> name.
> Use something like http://computername/ReportServer
> Suppose your server is named BigBox.leetdomain.com
> Address it using http://BigBox/ReportServer
> I never had to mess around with the report server security as we want
> windows authentication and the report server will not be used externally.
> It
> seems to be configured fine by default.
>
> "DJM" wrote:
>> I'm trying to incorporate the /ReportServer virtual into our application
>> web
>> site so we can point the Report Viewer control to /ReportServer rather
>> than
>> <default web site's IP>/ReportServer. I'm trying to remove
>> authentication
>> from <app>/ReportServer, but I've been unable to keep it from popping up
>> that blasted login dialog box. I've briefly tried using the FormsAuth
>> sample and even rewrote it to always return True from all the
>> authentication
>> functions, but neither solved my problem.
>> The application is under Forms Auth. I just want the ReportServer
>> virtual
>> to run in that context. At this point, I don't even care if it's really
>> keeping authentication or just letting anyone who happens to type in
>> http://<our_app>/ReportServer go uncontested. It's extremely
>> frustrating,
>> and it doesn't work for any users as it is now.
>> This is SQL Server Standard, so I don't know if custom security
>> extensions
>> (assuming I really had any clue as to how they worked or how to set them
>> up)
>> would even work (I came across a page that says only Enterprise supports
>> them).
>>
>>|||Ok, I've set Authentication mode="None", I've set the /ReportServer virtual
to allow Anonymous access as IUSR, I've granted IUSR_GROUP (local group
containing the IUSR, IWAM, and ASP.NET users) access to the \MSSQL\Reporting
Services\ReportServer folder (and files and subfolders), and I've granted
the IUSR_GROUP the Browser role to all reports.
So why, when using the Report Viewer web control, do I see a login box?!?|||Does anyone have any advice or suggestions here? I still haven't resolved
this.
"DJM" <msnews@.puddlestheshark.com> wrote in message
news:uLeyyLnzEHA.352@.TK2MSFTNGP14.phx.gbl...
> Ok, I've set Authentication mode="None", I've set the /ReportServer
> virtual to allow Anonymous access as IUSR, I've granted IUSR_GROUP (local
> group containing the IUSR, IWAM, and ASP.NET users) access to the
> \MSSQL\Reporting Services\ReportServer folder (and files and subfolders),
> and I've granted the IUSR_GROUP the Browser role to all reports.
> So why, when using the Report Viewer web control, do I see a login box?!?
>|||You have two options:
1. Generating the report on the server side of the application by using the
Render SOAP API. The advantage of this approach is that it is more secure
since the user doesn't see the report URL (everything takes place on the
server). The tradeoff is that the interactive features (drilldown,
drillthrough, etc.) will not work with SOAP since their require direct
access to the Report Server by URL. If you decide to take this approach, you
can pass the web app identity to the Report Server and grant a minimum set
of permissions in RS to this account.
2. Replace the RS Windows security with Forms Authentication by writing a
custom security extension. This will allow you to incorporate interactive
features in your reports. In this scenario, the reports will be requested on
the client side of the application (e.g. by using the Report Viewer sample
control). If you decide to take this approach check out the sample security
extension from MS at
(http://msdn.microsoft.com/library/?url=/library/en-us/dnsql2k/html/ufairs.a
sp?frame=true#ufairs_topic3).
So, you have to carefully weight out your requirements for security,
reporting features and your application architecture to determine the best
integration scenario.
--
Hope this helps.
Rags Iyer
"DJM" wrote:
> I'm trying to incorporate the /ReportServer virtual into our application web
> site so we can point the Report Viewer control to /ReportServer rather than
> <default web site's IP>/ReportServer. I'm trying to remove authentication
> from <app>/ReportServer, but I've been unable to keep it from popping up
> that blasted login dialog box. I've briefly tried using the FormsAuth
> sample and even rewrote it to always return True from all the authentication
> functions, but neither solved my problem.
> The application is under Forms Auth. I just want the ReportServer virtual
> to run in that context. At this point, I don't even care if it's really
> keeping authentication or just letting anyone who happens to type in
> http://<our_app>/ReportServer go uncontested. It's extremely frustrating,
> and it doesn't work for any users as it is now.
> This is SQL Server Standard, so I don't know if custom security extensions
> (assuming I really had any clue as to how they worked or how to set them up)
> would even work (I came across a page that says only Enterprise supports
> them).
>
>|||The second option would be ideal, but if you'll notice, I tried that and was
unable to get it to make a shred of difference. Maybe I'm just not smart
enough to figure it out, but it's not working for me.
"Rags Iyer" <RagsIyer@.discussions.microsoft.com> wrote in message
news:A2AD6EB1-4CE8-4305-8063-8EE6AC9E1828@.microsoft.com...
> You have two options:
> 1. Generating the report on the server side of the application by using
> the
> Render SOAP API. The advantage of this approach is that it is more secure
> since the user doesn't see the report URL (everything takes place on the
> server). The tradeoff is that the interactive features (drilldown,
> drillthrough, etc.) will not work with SOAP since their require direct
> access to the Report Server by URL. If you decide to take this approach,
> you
> can pass the web app identity to the Report Server and grant a minimum set
> of permissions in RS to this account.
> 2. Replace the RS Windows security with Forms Authentication by writing a
> custom security extension. This will allow you to incorporate interactive
> features in your reports. In this scenario, the reports will be requested
> on
> the client side of the application (e.g. by using the Report Viewer sample
> control). If you decide to take this approach check out the sample
> security
> extension from MS at
> (http://msdn.microsoft.com/library/?url=/library/en-us/dnsql2k/html/ufairs.a
> sp?frame=true#ufairs_topic3).
> So, you have to carefully weight out your requirements for security,
> reporting features and your application architecture to determine the best
> integration scenario.
> --
> Hope this helps.
> Rags Iyer
> "DJM" wrote:
>> I'm trying to incorporate the /ReportServer virtual into our application
>> web
>> site so we can point the Report Viewer control to /ReportServer rather
>> than
>> <default web site's IP>/ReportServer. I'm trying to remove
>> authentication
>> from <app>/ReportServer, but I've been unable to keep it from popping up
>> that blasted login dialog box. I've briefly tried using the FormsAuth
>> sample and even rewrote it to always return True from all the
>> authentication
>> functions, but neither solved my problem.
>> The application is under Forms Auth. I just want the ReportServer
>> virtual
>> to run in that context. At this point, I don't even care if it's really
>> keeping authentication or just letting anyone who happens to type in
>> http://<our_app>/ReportServer go uncontested. It's extremely
>> frustrating,
>> and it doesn't work for any users as it is now.
>> This is SQL Server Standard, so I don't know if custom security
>> extensions
>> (assuming I really had any clue as to how they worked or how to set them
>> up)
>> would even work (I came across a page that says only Enterprise supports
>> them).
>>
>>|||Is the Login Box still popping up when Forms Authetication is Implemented.?
"DJM" wrote:
> The second option would be ideal, but if you'll notice, I tried that and was
> unable to get it to make a shred of difference. Maybe I'm just not smart
> enough to figure it out, but it's not working for me.
> "Rags Iyer" <RagsIyer@.discussions.microsoft.com> wrote in message
> news:A2AD6EB1-4CE8-4305-8063-8EE6AC9E1828@.microsoft.com...
> > You have two options:
> >
> > 1. Generating the report on the server side of the application by using
> > the
> > Render SOAP API. The advantage of this approach is that it is more secure
> > since the user doesn't see the report URL (everything takes place on the
> > server). The tradeoff is that the interactive features (drilldown,
> > drillthrough, etc.) will not work with SOAP since their require direct
> > access to the Report Server by URL. If you decide to take this approach,
> > you
> > can pass the web app identity to the Report Server and grant a minimum set
> > of permissions in RS to this account.
> >
> > 2. Replace the RS Windows security with Forms Authentication by writing a
> > custom security extension. This will allow you to incorporate interactive
> > features in your reports. In this scenario, the reports will be requested
> > on
> > the client side of the application (e.g. by using the Report Viewer sample
> > control). If you decide to take this approach check out the sample
> > security
> > extension from MS at
> > (http://msdn.microsoft.com/library/?url=/library/en-us/dnsql2k/html/ufairs.a
> > sp?frame=true#ufairs_topic3).
> >
> > So, you have to carefully weight out your requirements for security,
> > reporting features and your application architecture to determine the best
> > integration scenario.
> > --
> > Hope this helps.
> >
> > Rags Iyer
> >
> > "DJM" wrote:
> >
> >> I'm trying to incorporate the /ReportServer virtual into our application
> >> web
> >> site so we can point the Report Viewer control to /ReportServer rather
> >> than
> >> <default web site's IP>/ReportServer. I'm trying to remove
> >> authentication
> >> from <app>/ReportServer, but I've been unable to keep it from popping up
> >> that blasted login dialog box. I've briefly tried using the FormsAuth
> >> sample and even rewrote it to always return True from all the
> >> authentication
> >> functions, but neither solved my problem.
> >>
> >> The application is under Forms Auth. I just want the ReportServer
> >> virtual
> >> to run in that context. At this point, I don't even care if it's really
> >> keeping authentication or just letting anyone who happens to type in
> >> http://<our_app>/ReportServer go uncontested. It's extremely
> >> frustrating,
> >> and it doesn't work for any users as it is now.
> >>
> >> This is SQL Server Standard, so I don't know if custom security
> >> extensions
> >> (assuming I really had any clue as to how they worked or how to set them
> >> up)
> >> would even work (I came across a page that says only Enterprise supports
> >> them).
> >>
> >>
> >>
> >>
>
>|||Yes.
"Rags Iyer" <RagsIyer@.discussions.microsoft.com> wrote in message
news:C574F74E-C580-47A4-86AD-BCD62253C700@.microsoft.com...
> Is the Login Box still popping up when Forms Authetication is
> Implemented.?|||Please check wherther the Security implemenation for Forms Authetication was
properly implemented.The authetication in the Rs Config File needs to be
changed to Forms Authentication and all the required policy is set.
Regards,
Rags Iyer
"DJM" wrote:
> Yes.
> "Rags Iyer" <RagsIyer@.discussions.microsoft.com> wrote in message
> news:C574F74E-C580-47A4-86AD-BCD62253C700@.microsoft.com...
> >
> > Is the Login Box still popping up when Forms Authetication is
> > Implemented.?
>
>|||Please check wherther the Security implemenation for Forms Authetication was
properly implemented.The authetication in the Rs Config File needs to be
changed to Forms Authentication and all the required policy is set.
Regards,
Rags Iyer
"DJM" wrote:
> Yes.
> "Rags Iyer" <RagsIyer@.discussions.microsoft.com> wrote in message
> news:C574F74E-C580-47A4-86AD-BCD62253C700@.microsoft.com...
> >
> > Is the Login Box still popping up when Forms Authetication is
> > Implemented.?
>
>|||I did that according to the documentation (adding Forms to the
authentication types or wherever that is, and changing authentication mode
to Forms in the web.config), and I was still getting the login box.
What gets me is that box is still appearing even when I set the
authentication mode to None.
"Rags Iyer" <RagsIyer@.discussions.microsoft.com> wrote in message
news:E5169863-A011-43A4-BAB3-A0627C0A0272@.microsoft.com...
> Please check wherther the Security implemenation for Forms Authetication
> was
> properly implemented.The authetication in the Rs Config File needs to be
> changed to Forms Authentication and all the required policy is set.
> Regards,
> Rags Iyer
> "DJM" wrote:
>> Yes.
>> "Rags Iyer" <RagsIyer@.discussions.microsoft.com> wrote in message
>> news:C574F74E-C580-47A4-86AD-BCD62253C700@.microsoft.com...
>> >
>> > Is the Login Box still popping up when Forms Authetication is
>> > Implemented.?
>>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment