ReportViewer Component In Web App And Authentication
Apr 10, 2008
Hey there,
I have a web app which contains a ReportViewer control for viewing reports on hosted on my ReportsServer instance.This web app runs under the identity DOMAINWebAppAccount.
When I try to access a Report I get the following error:
The permissions granted to user €˜DOMAINChipsC€™ are insufficient for performing this operation. (rsAccessDenied)
ChipsC is the username I log into the machine I launch the browser from.
My question is how can I get the ReportViewer to access the reports based on the WebAppAccount user instead of the ChipsC user (or any other user)?
I'm creating a custom interface for reporting services but I am having a few problems. This is my environment:
Using the ReportViewer component in remote mode to show my reports of the report server. There are 2 user levels of which any user can be apart of, Admin & user. In every report, there is a parameter called MERCHANTID, when the user who logs in (via custom login interface) is of group admin, then the merchantid parameter gets prompted before the report is run, if the group of the user is "user" then the merchantid parameter is hidden, and is passed programatically to the report. The report path also
My Questions:
1. When my reportviewer component loads up the report and prompts for a parameter, when you select a parameter value or type it in, it just posts back with no results, just the parameter prompt again with no data... How can this be corrected?
2. How do I pass report parameters programatically... so that when my user id of group "user" then "merchantid" gets passed automatically, but if there is any more parameters, then that gets prompted...
I have successfully implemented forms authentication in RS. It works great to navigate to https://myserver/Reports. I get redirected to the login-page etc. It also works great to use the ReportViewer from within my WinForms app, using the
method. I'm also able to communicate with RS through it's web services by first calling the 'LogonUser' method. However, to get that to work I had to inherit the ReportExecutionService for the cookie-handling to work.
Now over to my problem (the only thing so far I haven't got working). I'm trying to use a ReportViewer on an ASP.net web page to access the reports. I have understood that 'SetFormsCredentials' is not avaliable here. Instead, as far as I have understood, I should implement my own IReportServerCredentials . The critical method there I guess is
GetFormsCredentials(out Cookie authCookie, out string formsUser, out string formsPassword, out string formsAuthority)
, am I right?
It's here my problem starts. The examples I have seen haven't implemented this method since they use other types of authentication. So, I would need an example of what to fill that method with...
I can consume the reportingservice using credentials to get reportnames and folders and such, but when i go to use the reportviewer, after i set the reportpath and serverurl, I am always asked to authenticate when using the sample reportviewer with RS 2000. How can i prevent this? I know there is the Icredentials that can be set using the serverreport property with the new viewer in 2005, but how about doing the same type thing in 2000?
Hi, I€™ve an application Web which uses to reportviewer to show information. I want that all the users of the application accede to reports by means of he himself user and password. This user is a local user of report€™s server. The problem is that when attempt to show report always appear the following error: The request failed with HTTP status 401: Unauthorized. The code that use is the following one:
ReportViewer1.ServerReport.ReportServerCredentials = new ReportViewerCredentials("Usuario", "pwd", "servidor");
using System; using System.Data; using System.Configuration; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using Microsoft.Reporting.WebForms; using System.Net; using System.Security.Principal; using System.Runtime.InteropServices;
/// <summary> /// Summary description for ReportViewerCredentials /// </summary> public class ReportViewerCredentials : IReportServerCredentials { [DllImport("advapi32.dll", SetLastError = true)] public extern static bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
[DllImport("kernel32.dll", CharSet = CharSet.Auto)] public extern static bool CloseHandle(IntPtr handle);
[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)] public extern static bool DuplicateToken(IntPtr ExistingTokenHandle, int SECURITY_IMPERSONATION_LEVEL, ref IntPtr DuplicateTokenHandle);
public ReportViewerCredentials() { }
public ReportViewerCredentials(string username) { this.Username = username; }
public bool GetFormsCredentials(out Cookie authCookie,out string user, out string password, out string authority) { authCookie = null; user = password = authority = null; return false; // Not implemented }
public WindowsIdentity ImpersonationUser { get {
string[] args = new string[3] { this.Domain.ToString(), this.Username.ToString(), this.Password.ToString() }; IntPtr tokenHandle = new IntPtr(0); IntPtr dupeTokenHandle = new IntPtr(0);
//const int LOGON32_PROVIDER_DEFAULT = 0; ////This parameter causes LogonUser to create a primary token. //const int LOGON32_LOGON_INTERACTIVE = 2;
const int LOGON32_PROVIDER_DEFAULT = 3; //This parameter causes LogonUser to create a primary token. const int LOGON32_LOGON_INTERACTIVE = 9; const int SecurityImpersonation = 2;
tokenHandle = IntPtr.Zero; dupeTokenHandle = IntPtr.Zero; try { // Call LogonUser to obtain an handle to an access token. bool returnValue = LogonUser(args[1], args[0], args[2], LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref tokenHandle);
if (false == returnValue) { Console.WriteLine("LogonUser failed with error code : {0}",Marshal.GetLastWin32Error()); return null; }
// Check the identity. System.Diagnostics.Trace.WriteLine("Before impersonation: " + WindowsIdentity.GetCurrent().Name);
bool retVal = DuplicateToken(tokenHandle, SecurityImpersonation, ref dupeTokenHandle); if (false == retVal) { CloseHandle(tokenHandle); Console.WriteLine("Exception in token duplication."); return null; }
// The token that is passed to the following constructor must // be a primary token to impersonate. WindowsIdentity newId = new WindowsIdentity(dupeTokenHandle); WindowsImpersonationContext impersonatedUser = newId.Impersonate();
// Free the tokens. if (tokenHandle != IntPtr.Zero) CloseHandle(tokenHandle); if (dupeTokenHandle != IntPtr.Zero) CloseHandle(dupeTokenHandle);
// Check the identity. System.Diagnostics.Trace.WriteLine("After impersonation: " + WindowsIdentity.GetCurrent().Name);
Hi every body ! I try to insert the reportViewer in my asp page, all is good, but if I want to change (by choosing another report), and i cannot call the method RefreshReport() as I saw in the msdn documentation. I didn't understand why, I download the ReportViewer from msdn download : the version is 2.0.50727.42 from 22/01/2006... I implement in my asp designer tools the following dll : Microsoft.SqlServer.UpgradeAdvisor.ReportViewer.dll 9.0.1399.1 from 14/10/2005
Did I forget any code line ? or did I download a bad version ?
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="/ReportServer/logon.aspx?ReturnUrl=%2freportserver%2fReportExecution2005.asmx">here</a>.</h2> </body></html>
This is a subject that has been brought up before but I have not seen a definitive answer/solution. We have implemented a custom authentication extension (forms authentication) for reporting services and it has been working just fine under "normal" conditions; "normal" being users logging in, viewing reports, and then moving on. Recently some reports were created by our report group and they contain Dundas gauge controls for "dashboard" style reports. These reports are meant to be up all day and they post back every few seconds because the data they present is mission critical. This of course exposed the inability of the reportviewer control to stay in the context of Report Manager when it comes to the cookie exchange and authentication thus resulting in the following error: <html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="/ReportServer/logon.aspx?ReturnUrl=%2freportserver%2fReportExecution2005.asmx">here</a>.</h2> </body></html>
I created a quick ASP.NET web application and added the reportviewer to it, implemented IReportServerCredentials and the report came up as expected but behaved the same way as it did in Report Manager. Same with a Windows Forms application.
Increasing the cookie timeout in the forms authentication tag is an option, but not an attractive one. Extending the reportviewer control is also an option, but I don't know if that is a good candidate right now because I don't see anything extensible yet.
Is this just the nature of RS with custom authentication or is there a viable solution out there right now?
Any and all answers are much appreciated and I thank you in advance.
I have a package that has a data lfow task. this task imports data from a db2 database (using the IBM Ole DB provider fro db2) and adds it to sql server database table. This package was created on the server. then though version control (using TFS source control) I check out the package on my local machine. and when I open the package I get the foll 3 errors.
Error 1 Validation error. Import Account Num from BMGP_BDR: DTS.Pipeline: The component metadata for "component "DataReader Source" (1113)" could not be upgraded to the newer version of the component. The PerformUpgrade method failed.
Error 2 Error loading BMAG Download Xref Tables - bmag.dtsx: Microsoft.SqlServer.Dts.Pipeline.ComponentVersionMismatchException: The version of component "DataReader Source" (1113) is not compatible with this version of the DataFlow. [[The version or pipeline version or both for the specified component is higher than the current version. This package was probably created on a new version of DTS or the component than is installed on the current PC.]] at Microsoft.SqlServer.Dts.Pipeline.ManagedComponentHost.HostCheckAndPerformUpgrade(IDTSManagedComponentWrapper90 wrapper, Int32 lPipelineVersion)
Error 3 Error loading BMAG Download Xref Tables - bmag.dtsx: The component metadata for "component "DataReader Source" (1113)" could not be upgraded to the newer version of the component. The PerformUpgrade method failed.
I have a package which reads an Access file from a folder. My connection manager to this file is .NET providers for OledbMicrosoft Jet 4.0 OLE DB Provider.
Package works from my computer. But when I execute it on the server as a SQL Agent job, I get
The component metadata for "component "DataReader Source" (1) could not be upgraded to the newer version of the component. The PerformUpgrade method failed.
I copied the mdb file to a folder on the server which my packages have no problem reading data from.
My packages run under the same domain account as defined in proxies.
I folks.I Have installed sql server 2005 express and choosed windowsauthentication on instalation, but i make a mistake and now i needmixed authentication, how can i modify this whithout uninstall andinstall again the application?thanks for the help.
Hi there,I have installed MS SQL Server 2005 on my machine with windows authentication. But now I want to switch the authentication mode to SQL Authentication. I am unable to switch, I can’t find the proper way to do so here in 2005.Could any one help me in doing this?Thank you,-Ahsan
In a Data Flow, I have the necessity to use a SSIS variable of type €œObject€? inside Script Component and assign to it the content of 'n' variables of string type. On exiting from the script the variable of type object should contain something like in the following lines: AAAAAAAAAAAAAAAAAAAAAAAAAAAAA BBBBBBBBBBBBBBBBBBBBBBBBBBBBB CCCCCCCCCCCCCCCCCCCCCCCCCCCCC DDDDDDDDDDDDDDDDDDDDDDDDDDDDD €¦€¦€¦€¦€¦€¦€¦. €¦€¦€¦€¦€¦€¦€¦. On exiting from the data flow I will use the variable of type Object in a Script Task, by reading each element in a cyclic fashion. Is there anyone who have experienced something like this? Could anyone provide any example of that? Thanks in advance!
Hi all I'm into a project which uses a lot of views for joining 2 or more tables. Using the MERGE component in SSIS will be a huge effort coz it only has 2 inputs and I gotta SORT the input too. Isnt it possible to have a VIEW like component that joins more than 2 tables and DOESNT need sorting?? (I've thought about creating views in database engine but it breaks my data floe in SSIS and is'nt a practical solution)
I am writing a custom dataflow transformation component and I need to get the name of the preceeding component.
I have been trying to find a way to get a reference to the Package object, MainPipe object or IDTSPath90 object (connecting to the IDTSInput90 of my component) from my component because I think from there I can get to the information I want.
(Using win2k, sqlserver2k, framework 1.1) I have an fairly data-heavy application that uses Windows authentication (Trusted connection/aspnet account) to connect to Sql Server. The site uses IIS basic authentication.
On the dev server everything works fine but when I move to the live server things get strange and it starts to crawl along. (Pages load OK but then it just crawls as it loads the datagrids etc. Sometimes it brings back incomplete/incorrect data )
BUT When I use Sql Authentication to connect to Sql Server and there is no problem at all!
Ok, there is something obviously wrong with the live server (which is identical setup to dev)but I dont know where to start.
I've got two applications which both have a database on my MS SQL 2000 server. The problem is, one application must use Windows Integrated Authentication (which it is currently using and cannot be changed) whilst the other application which I'm trying to configure must use a SQL password.
Since the server has already been configured to use Windows Integrated Authentication for the existing database and application, how do I configure the other database to use the SQL password?
My work is using a shared application which accesses a MSSQL 2000 database. To access the application, the folder on the Windows 2003 Server is shared and users can access the folder through a shared drive.
For the application to access the database, it uses an ODBC connection to the MSSQL server which originally used the SA password.
We have recently switched to using Windows Integrated Authentication because we believe it offers a higher level of security. However the only way in which we have been able to enable this is to add the windows users to the SQL server.
The problem with this is that the application sets permissions for individual users on what records they can see within the database. We have found that by adding the windows users to the SQL Server, they can bypass the permissions the set by the application by simply using any application that can use an ODBC connection, such as Enterprise Manager, and see all the database.
One way around this would be to set up domains of users with access privileges to the tables which reflect the permissions set by the application, and configuring a view of the data so they may only see the records that they have permissions to. However to do this would require a high administrative cost to ensure that changes made in the application are reflected in the privileges of the SQL server.
Instead, is there a way the SQL server can authenticate that the ODBC connection is coming from the correct application using Windows Integrated Authentication?
This would allow the applcation to determine security, and stop users from connecting to the SQL server using other applications.
Alternatively, can the SQL server, using Windows Integrated Authentication, also ask the application to supply a username and password?
Any help with this matter would be greatly appreciated.
No idea where this bug crept in from. Have been using SSIS for 1.5 years now without hitting this problem.
I had a script component opening an XML document and parsing it using XPATH. I added some code that uses StreamReader / Streamwriter (closing one stream before starting the other). The code works without issue in my C# app.
And it ran without issue 2-3 times in SSIS. Then suddenly after running my package again, the script component says it completes successfully, yet nothing happens. I set a breakpoint on the first line of code - it never hits it. I add a msgbox as the first line of code - and it never displays.
I then close my package / exit out of ssis ... and then re-open it. When i open my script component, all of my code is GONE. All references that I added are gone.
I tried adding the streamreader/writer process to a dll I created from my c# app ... and added the DLL to the package -- same result.
I can reproduce this on 2 different computers.
Anyone experience this problem ? Any idea how to stop it ? Or debug it ?
Here is a slimmed down code sample of what causes the error :
Public Class ScriptMain Public Sub Main() Try Dim xmlDoc As New XmlDocument xmlDoc.Load("c:ulkasync_86281519_20070628045850225_4.xml") MsgBox("xmlLoaded") --this doesn't display once the package starts "acting up" Catch ex As Exception MsgBox(ex.Message) UpdateXML("c:ulkasync_86281519_20070628045850225_4.xml", ex.Message) End Try Dts.TaskResult = Dts.Results.Success End Sub Private Sub UpdateXML(ByVal fileName As String, ByVal message As String) Try Dim invalidChar As String = message.Trim().Substring(message.Trim().IndexOf("0x"), 4) Dim rd As StreamReader = New StreamReader(fileName) Dim xml As String = rd.ReadToEnd() Xml = Xml.Replace(invalidChar, String.Empty) xml = xml.Replace("", String.Empty) xml = xml.Replace("<![CDATA[<![CDATA[", "<![CDATA[") xml = xml.Replace("]]>]]>", "]]>") MsgBox("replaced") rd.Close() Dim wr As StreamWriter = New StreamWriter(fileName) wr.Write(xml) wr.Close() Dim xdoc As XmlDocument = New XmlDocument() xdoc.Load(fileName) Catch ex As Exception UpdateXML(fileName, ex.Message) End Try End Sub End Class
Hi,I'm using SQL Server 2005. My Connection String looks like that at the moment: <add name="LocalSqlServer" connectionString="Data Source=xx;Initial Catalog=xx;Persist Security Info=True;User ID=xx;Password=xx" providerName="System.Data.SqlClient"/> Now I'd like to change this kind of authentication to Integrated Windows AuthenticationI added the WorkerProcess IIS_WPG to the permitted Users but it didn't help.Changed the Connection String to this:connectionString="Server=xx;Database=xx;Trusted_Connection=True;"All I'm getting is that my NetworkService is not permitted to access DB when I try to connect to the DB in ASP.NET.How can I properly configure that? Thanks!
Say, I have configured my SQL to use Mixed Authentication. Now, I have a applicaiton which uses my SQL Server. The application just creates a database in SQL Server and uses the database to store its information.
This application also has a SYSTEM DSN under ODBC through which it accesses the database. For the application to access this database, should I only use SA (as my SQL instance is configured to use Mixed Authentication) or can I use Windows Authentcation too...
If I should only use SA, do we have a documentation which talks about this.
For using different services of SQL SERVER 2005 which is better... Windows Authentication or SQL Server Authentication? what are the advantages and disadvantages of both?
I wonder if it is possible to set forms authentication for report manager but leave report server "as it is". I need to authenticate users from external LDAP and can't use windows authentication for report manager, but I would also like to leave report server open for anonymous users. In that way authenticated administrators could create reports which anonymous users could read.
I tested the Security Extension Sample and got it working when I rewrote the authentication part with my own LDAP authentication.
If I have understood correctly, the report manager is just application inside report server so is it possible to use forms authentication with one application but still leave the report server with Windows authentication?
I need to figure out what kind of Authentication , I need to use for following applicaiton
Product : -
1 ) It resides on a its Domain and has access to Database on that Domain. 2 ) We have a application level login , n based on application login id display specific pages.
The question that bother me is this
Q ) If i use NT authentication , then a user will be required to
a ) Login to domain (with userid and password) first and then
b ) Then i would require to again login to applicaiton with application level login and password.(different levels of login as there) Based on the application level login i will display only specific asp pages. They have different access rights..and roles.
Requirment is to login only once..and it should authenticate to application display specific pages and authenticate to SQl server database also..
Is there any way thru which i can map my application level login to SQl server.. and what authentication should i use..
I am in the process of rolling out a sql server 2005 enterprise install and had a question regarding authentication. We will be providing sql hosting for a number of groups on our campus, many who are not using our campus-wide active directory, though they all have an AD account.
Windows authentication via the management studio appears to use your AD authentication tokens and will not allow them to enter a username/password combo. Is there any way to configure this?
I would like to use our campus AD for obvious reasons but if there is a requirement for passing tokens this isn't going to work right? It's also going to make database mirroring more of a challenge.
i've installed the SSRS 2000 ENT Edition i trying to add reportviewer dll in my webapplication but i haven't find that dll so could any help in this issue ?
I try to embed my Reports of Reporting Services to ASP .NET Application. I use ReportViewer component of Visual Studio 2005. When I try to set Height property to 100% there is no report content shown. I tried to set SizeToReportContent property but there wasn't success. At the same time when I set Height to any particular value e.g. 400px, everything is OK. But of cousre I can't know particular height for every reports. Did you have any such problems? Can you help me?
I have a Local report bound to a ReportViewer control and when I am typing in text in the find text box and I click find I get this message on the report viewer "Object reference not set to an instance of an object" anybody have any idea