I need to know the steps on how to configure the SSRS Forms Authentication and its IIS Configuration. What specific Config Files should be modified?
i am using IIS 6.0, Windows Server 2003, SQL Server 2005.
Please help....
here is my error
System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: Logon failed. ---> Microsoft.ReportingServices.Diagnostics.Utilities.LogonFailedException: Logon failed. at Microsoft.ReportingServices.WebServer.RSCustomAuthentication.LogonUser(String userName, String password, String authority) at Microsoft.ReportingServices.WebServer.ReportingService.LogonUser(String userName, String password, String authority) --- End of inner exception stack trace --- at .................
Please help me
Well, I have SQL Server 2005 SP2 Reporting Services installed and configured in sharepoint integrated mode, so I am deploying reports in sharepoint libraries. Also I configured sharepoint to use forms authentication with builtin AspNetSqlMembership provider, but after this action I couldnot open reports through sharepoint library, instead of this, error was displayed mentioned below. I searched and found hotfix Cumulative Update 3 build 3186 for this issue, request it from microsoft support and applied it, but nothing has changed!
Error I have been experiencing is following:
An unexpected error occurred while connecting to the report server.
Verify that the report server is available and configured for
SharePoint integrated mode. --> The request failed with the error
message:
--
<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/_layouts/login.aspx?ReturnUrl=
%2f_vti_bin
%2fReportServer%2fReportService2006.asmx">here</a>.</h2>
</body></html>
I continued to dig and find out that this hotfix should update Microsoft.ReportingServices.SharePoint.UI.WebParts.dll from version 9.0.3042.0 to new version 9.0.3180.0, but when I checked file version after applying hotfix, it remained the same as was before i.e. 9.0.3042.0. Apparently this cumulative update does not fix this issue.
anyone has any idea how to solve it? Thanks in advance.
sorry for my poor english :-)
I am using Reporting services 2005 and have enabled forms authentication using the example found in:
'C:Program FilesMicrosoft SQL Server90SamplesReporting ServicesExtension SamplesFormsAuthentication Sample'
This works correctly without SSL, but when I enable SSL I get an error when logging in. The symptoms are as follows. I can login to the reporting server (in my case <server>/ReportServer2) directory, but when I login to the report manager (in my case at <server>/Reports2) I get the following error:
'The underlying connection was closed: An unexpected error occurred on a send.'
Can anyone suggest why I might be getting this error?
Thank you,
Graham
Hi all,
I am using forms authetication to log in to reporting services. I am using logonuser method of reporting services web service. I am getting the following error when i try to log in
System.Web.Services.Protocols.SoapException: Server was unable to process request. --->
System.Exception: An error occurred while attempting to verify the user.Login failed for user 'SON-1499IUSR_SON-1499'.
at Microsoft.Samples.ReportingServices.CustomSecurity.AuthenticationUtilities.VerifyPassword(String suppliedUserName, String suppliedPassword)
at Microsoft.Samples.ReportingServices.CustomSecurity.AuthenticationExtension.LogonUser(String userName, String password, String authority)
at Microsoft.ReportingServices.WebServer.RSCustomAuthentication.LogonUser(String userName, String password, String authority)
at Microsoft.ReportingServices.WebServer.ReportingService2005Impl.LogonUser(String userName, String password, String authority)
at Microsoft.ReportingServices.WebServer.ReportingService2005.LogonUser(String userName, String password, String authority) --- End of inner exception stack trace ---
I have LocalMachine/ASPNET web service identity set in Reporting Services Configuration on Windows XP .
Thanks in advance.
Anupama
Hi all,
I have some doubt about :
What is the basic difference between Patches,SP,Hot fixes in SQL Server ?
and
What are the steps we have to Follow before applying Service Pack ,Patches,Hot fixes?
Thanks
Hi.
I wonder if it is possible to set forms authentication for report manager but leave report server "as it is". I need to authenticate users from external LDAP and can't use windows authentication for report manager, but I would also like to leave report server open for anonymous users. In that way authenticated administrators could create reports which anonymous users could read.
I tested the Security Extension Sample and got it working when I rewrote the authentication part with my own LDAP authentication.
If I have understood correctly, the report manager is just application inside report server so is it possible to use forms authentication with one application but still leave the report server with Windows authentication?
Is there a way to insert forms in reporting services. If so, how would this be done>?
View 6 Replies View Relatedis there a way to put forms in reporting services? If so, how would this be done
View 2 Replies View RelatedI have implemented the Forms Authentication in Reporting Services 2000. In addition, we have a reports web application that uses the authentication to access the reports in the Reports Server. I have implemented a similar code that is posted in http://msdn2.microsoft.com/en-us/library/aa902691(SQL.80).aspxhttp://msdn2.microsoft.com/en-us/library/aa902691(SQL.80).aspx for the Reports Server and Reports Manager. For the web application, I added reference to the custom security assembly, created a new ReportsServerProxy, and then called the LogonUser().
Now, one of the functionality we have in the applicaiton is to set the reporting services Timeout for reports that take too long to run. The weird thing is the Timeout (in milliseconds) is getting ignored by the ReportServerProxy using the custom security assembly. I verified that without the custom secuirty assembly, the Timeout property is getting set.
I did find the code for ReportServerProxy's GetWebRequest(Uri uri) is setting the request.Timeout to -1. I thought this was interfering with the rs.Timeout, but removing the code did not make any difference.
How do I set the Timeout property correctly? Do you know of any issues with setting the Timeout property for Reporting Services with Forms Authentication?
Can anybody help PLEASE? I need an answer ASAP. Thanks in advance for your help.
/**partial UILogon.aspx code for ReportServerProxy below**/
public class ReportServerProxy : ReportingService
{
protected override WebRequest GetWebRequest(Uri uri)
{
HttpWebRequest request;
request = (HttpWebRequest)HttpWebRequest.Create(uri);
// Create a cookie jar to hold the request cookie
CookieContainer cookieJar = new CookieContainer();
request.CookieContainer = cookieJar;
Cookie authCookie = AuthCookie;
// if the client already has an auth cookie
// place it in the request's cookie container
if (authCookie != null)
request.CookieContainer.Add(authCookie);
request.Timeout = -1;
request.Headers.Add("Accept-Language",
HttpContext.Current.Request.Headers["Accept-Language"]);
return request;
} ...}
/** Below is the Reports Web applicaiton code that calls the ReportsServerProxy LogonUser **/
Public Function GetReportServerProxy() As ReportServerProxy
Dim rsProx As New ReportServerProxy
rsProx.Url = ConfigurationSettings.AppSettings("REPORT_SERVER_URL") + "/ReportService.asmx"
Try
rsProx.LogonUser("SYSADMIN", "password", Nothing)
Return rsProx
Catch ex As Exception
Throw New Exception("GetReportServerProxy Failed.", ex)
End Try
End Function
Private Function CreateSnapShot() As String
...
Dim rs As RSCustomSecurity.ReportServerProxy
Try
rs = GetReportServerProxy()
' First set the parameters' default values
parameters = setParamters()
rs.SetReportParameters(reportPath, parameters)
If errorsList.Count > 0 Then Throw New Exception
'Server.ScriptTimeout = 10
rs.Timeout = Integer.Parse(ConfigurationSettings.AppSettings.Get("REPORT_PROCESS_TIMEOUT"))
lsHistoryID = rs.CreateReportHistorySnapshot(reportPath, warnings)
'lblStatus.NavigateUrl = "ViewSnapShot.aspx?History_ID=" & lsHistoryID
lblStatus.Text = "Your request has been processed. View report as"
....
Catch ex As Exception
....
Finally
Debug.Write("End : " & Now.ToLongTimeString)
rs = Nothing
End Try
End Function
Hi,
Sorry for the long post but I'll try to give a maximum of information.
I've tried to implement Form Authentication for Reporting Services. Right now, just about everything works as I would hope for, i.e.:
When I try to access http://<server>/ReportServer$SQLSERVER_2005, I am redirected to the authentication form.
When successfully authenticated, I can access the report
I can display reports throught the ReportViewer Web control by passing the authentication cookie.
Etc.
(Note: My implementation of Form Authentication was inspired by http://www.devx.com/dotnet/Article/26759/0/page/1 which seems similar to Microsoft Sample)
(The $SQLSERVER_2005 suffix is because SQL Server 2000 is also installed on the server, but I don't think Reporting Services 2000 is installed)
There is one thing which does not work however and it is the Report Manager.
When I try to access http://<server>/Reports$SQLSERVER_2005, I would expect to be redirected to the /Pages/UILogon.aspx page. Instead, I get an error page with the following message:
"The report server is not responding. Verify that the report server is running and can be accessed from this computer."
Both ReportServer and Reports are on the same server, both have the same security on the folder and in IIS (6.0), both have Anonymous security access "checked".
If I revert to the old .config files (prior to my modifications for Form Authentication) and remove Anonymous from IIS for both sites, everything works fine (like it did after the installation).
Here are excerpts from the config files I've modified in ReportManager:
RSWebApplication.config:
<UI>
<CustomAuthenticationUI>
<loginUrl>/Pages/UILogon.aspx</loginUrl>
<UseSSL>False</UseSSL>
</CustomAuthenticationUI>
<ReportServerUrl>http://<servername>/ReportServer$SQLSERVER_2005</ReportServerUrl>
</UI>
rsmgrpolicy.config:
<CodeGroup
class="FirstMatchCodeGroup"
version="1"
PermissionSetName="FullTrust"
Description="This code group grants MyComputer code Execution permission. ">
<IMembershipCondition
class="ZoneMembershipCondition"
version="1"
Zone="MyComputer" />
Web.config:
<identity impersonate="false" />
Here is the content of the log ReportServerWebApp_*.log (see error in bold):
<Header>
<Product>Microsoft SQL Server Reporting Services Version 9.00.1399.00</Product>
<Locale>en-US</Locale>
<TimeZone>Eastern Standard Time</TimeZone>
<Path>C:Program FilesMicrosoft SQL ServerMSSQL.3Reporting ServicesLogFilesReportServerWebApp__11_10_2006_08_32_34.log</Path>
<SystemName>MSCAPP02</SystemName>
<OSName>Microsoft Windows NT 5.2.3790 Service Pack 1</OSName>
<OSVersion>5.2.3790.65536</OSVersion>
</Header>
w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing MaxActiveReqForOneUser to '20' requests(s) as specified in Configuration file.
w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing MaxScheduleWait to default value of '1' second(s) because it was not specified in Configuration file.
w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing DatabaseQueryTimeout to default value of '30' second(s) because it was not specified in Configuration file.
w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing ProcessRecycleOptions to default value of '0' because it was not specified in Configuration file.
w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing RunningRequestsScavengerCycle to default value of '30' second(s) because it was not specified in Configuration file.
w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing RunningRequestsDbCycle to default value of '30' second(s) because it was not specified in Configuration file.
w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing RunningRequestsAge to default value of '30' second(s) because it was not specified in Configuration file.
w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing CleanupCycleMinutes to default value of '10' minute(s) because it was not specified in Configuration file.
w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing DailyCleanupMinuteOfDay to default value of '120' minutes since midnight because it was not specified in Configuration file.
w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing WatsonFlags to default value of '1064' because it was not specified in Configuration file.
w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing WatsonDumpOnExceptions to default value of 'Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException,Microsoft.ReportingServices.Modeling.InternalModelingException' because it was not specified in Configuration file.
w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing WatsonDumpExcludeIfContainsExceptions to default value of 'System.Data.SqlClient.SqlException,System.Threading.ThreadAbortException' because it was not specified in Configuration file.
w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing SecureConnectionLevel to default value of '1' because it was not specified in Configuration file.
w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing DisplayErrorLink to 'True' as specified in Configuration file.
w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing WebServiceUseFileShareStorage to default value of 'False' because it was not specified in Configuration file.
w3wp!ui!5!11/10/2006-08:32:39:: e ERROR: The report server is not responding. Verify that the report server is running and can be accessed from this computer.
w3wp!ui!5!11/10/2006-08:32:39:: e ERROR: HTTP status code --> 500
-------Details--------
Microsoft.ReportingServices.UI.Global+RSWebServiceWrapper+CantCommunicateWithReportServerException: The report server is not responding. Verify that the report server is running and can be accessed from this computer.
at Microsoft.ReportingServices.UI.Global.RSWebServiceWrapper.GetSecureMethods()
at Microsoft.SqlServer.ReportingServices2005.RSConnection.IsSecureMethod(String methodname)
at Microsoft.SqlServer.ReportingServices2005.RSConnection.ValidateConnection()
at Microsoft.ReportingServices.UI.ReportingPage.EnsureHttpsLevel(HttpsLevel level)
at Microsoft.ReportingServices.UI.ReportingPage.ReportingPage_Init(Object sender, EventArgs args)
at System.EventHandler.Invoke(Object sender, EventArgs e)
at System.Web.UI.Control.OnInit(EventArgs e)
at System.Web.UI.Page.OnInit(EventArgs e)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
w3wp!ui!5!11/10/2006-08:32:40:: e ERROR: Exception in ShowErrorPage: System.Threading.ThreadAbortException: Thread was being aborted.
at System.Threading.Thread.AbortInternal()
at System.Threading.Thread.Abort(Object stateInfo)
at System.Web.HttpResponse.End()
at System.Web.HttpServerUtility.Transfer(String path, Boolean preserveForm)
at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg) at at System.Threading.Thread.AbortInternal()
at System.Threading.Thread.Abort(Object stateInfo)
at System.Web.HttpResponse.End()
at System.Web.HttpServerUtility.Transfer(String path, Boolean preserveForm)
at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg)
So that's it. Thanks for any help you can provide.
Nicolas
For a connection string,we just use sqlconnection class in c# and try to do the open opration to test whether the connection string is valid or not.
but for reporting servics,when given a username and a password ,how can we do the authentication in c#program to see the account is valid or invalid...
Thank you very much for your help!
I could really use help getting form authentication to work. I have a box with a web site and ReportingServices installed(which if I can get this working will be moved to the DMZ). The databases are on a different machine(which will on on our network).
I have been working with the sample provided with the install and this blog.
http://blogs.msdn.com/bimusings/archive/2005/12/05/500195.aspx
My problem is that I can logon and authenticate but when I call ListChildren() my System.Net.CredentialCache.DefaultCredentials is empty so I get nothing back from the call.
I know that I have a valid cookie because after I logon I can use the Reports and the ReportServer URL's and go directly to those pages.
Can someone tell me what I need to do to make ListChildren() work? Do I still call ListChildren()? Documentation is scarce and would appreciate any help provided.
Thanks
-JW
is it possible to make forms authentication to reports? how cam it be done?
regards
P M varughese
I've implemented a membership provider and added it to Reporting Services. It works well from the user interface, but I am unclear on how to authenticate using rs.exe. When I run it with the trace option (-t), I get this back:
System.Exception: Could not connect to server: http://stsstg8642/reportserver/ReportService2005.asmx ---> System.Net.WebException: The request failed with the error message:
--
<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/ReportServer/logon.aspx?ReturnUrl=%2freportserver%2fReportService2005.asmx">here</a>.</h2>
</body></html>
--.
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Microsoft.SqlServer.ReportingServices2005.ReportingService2005.ListSecureMethods()
at Microsoft.ReportingServices.ScriptHost.Management2005Endpoint.PingService(String url, String userName, String password, String domain, Int32 timeout)
at Microsoft.ReportingServices.ScriptHost.ScriptHost.DetermineServerUrlSecurity()
--- End of inner exception stack trace ---
at Microsoft.ReportingServices.ScriptHost.ScriptHost.DetermineServerUrlSecurity()
at Microsoft.ReportingServices.ScriptHost.ScriptHost.InstanceMain()
at Microsoft.ReportingServices.BaseCmdLine.CommandLineMain(String[] args, BaseCmdLine instance)
Hello,My boss wants me to create a front end webpage for our ReportingServices reports that customers can log onto through a webform. I'm aPHP programmer, so I'd rather do this site and the authentication inPHP than learn .NET. The main problem I see is finding a way to passthe authentication to Reporting Services so that when a user runs areport, they are not asked to enter their password a second time.I don't even know where to start researching this problem... I've askedin PHP forums and they passed me to you guys. Any ideas?Andrew
View 3 Replies View RelatedHi,
I€™ve an application Web which uses to reportviewer to show information. I want that all the users of the application accede to reports by means of he himself user and password. This user is a local user of report€™s server. The problem is that when attempt to show report always appear the following error:
The request failed with HTTP status 401: Unauthorized.
The code that use is the following one:
ReportViewer1.ServerReport.ReportServerCredentials = new ReportViewerCredentials("Usuario", "pwd", "servidor");
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using Microsoft.Reporting.WebForms;
using System.Net;
using System.Security.Principal;
using System.Runtime.InteropServices;
/// <summary>
/// Summary description for ReportViewerCredentials
/// </summary>
public class ReportViewerCredentials : IReportServerCredentials
{
[DllImport("advapi32.dll", SetLastError = true)]
public extern static bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
public extern static bool CloseHandle(IntPtr handle);
[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
public extern static bool DuplicateToken(IntPtr ExistingTokenHandle,
int SECURITY_IMPERSONATION_LEVEL, ref IntPtr DuplicateTokenHandle);
public ReportViewerCredentials()
{
}
public ReportViewerCredentials(string username)
{
this.Username = username;
}
public ReportViewerCredentials(string username, string password)
{
this.Username = username;
this.Password = password;
}
public ReportViewerCredentials(string username, string password, string domain)
{
this.Username = username;
this.Password = password;
this.Domain = domain;
}
public string Username
{
get
{
return this.username;
}
set
{
string username = value;
if (username.Contains("\"))
{
this.domain = username.Substring(0, username.IndexOf("\"));
this.username = username.Substring(username.IndexOf("\") + 1);
}
else
{
this.username = username;
}
}
}
private string username;
public string Password
{
get
{
return this.password;
}
set
{
this.password = value;
}
}
private string password;
public string Domain
{
get
{
return this.domain;
}
set
{
this.domain = value;
}
}
private string domain;
#region IReportServerCredentials Members
public bool GetBasicCredentials(out string basicUser, out string basicPassword, out string basicDomain)
{
basicUser = username;
basicPassword = password;
basicDomain = domain;
return username != null && password != null && domain != null;
}
public bool GetFormsCredentials(out string formsUser, out string formsPassword, out string formsAuthority)
{
formsUser = username;
formsPassword = password;
formsAuthority = domain;
return username != null && password != null && domain != null;
}
public bool GetFormsCredentials(out Cookie authCookie,out string user, out string password, out string authority)
{
authCookie = null;
user = password = authority = null;
return false; // Not implemented
}
public WindowsIdentity ImpersonationUser
{
get
{
string[] args = new string[3] { this.Domain.ToString(), this.Username.ToString(), this.Password.ToString() };
IntPtr tokenHandle = new IntPtr(0);
IntPtr dupeTokenHandle = new IntPtr(0);
//const int LOGON32_PROVIDER_DEFAULT = 0;
////This parameter causes LogonUser to create a primary token.
//const int LOGON32_LOGON_INTERACTIVE = 2;
const int LOGON32_PROVIDER_DEFAULT = 3;
//This parameter causes LogonUser to create a primary token.
const int LOGON32_LOGON_INTERACTIVE = 9;
const int SecurityImpersonation = 2;
tokenHandle = IntPtr.Zero;
dupeTokenHandle = IntPtr.Zero;
try
{
// Call LogonUser to obtain an handle to an access token.
bool returnValue = LogonUser(args[1], args[0], args[2],
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
ref tokenHandle);
if (false == returnValue)
{
Console.WriteLine("LogonUser failed with error code : {0}",Marshal.GetLastWin32Error());
return null;
}
// Check the identity.
System.Diagnostics.Trace.WriteLine("Before impersonation: "
+ WindowsIdentity.GetCurrent().Name);
bool retVal = DuplicateToken(tokenHandle, SecurityImpersonation, ref dupeTokenHandle);
if (false == retVal)
{
CloseHandle(tokenHandle);
Console.WriteLine("Exception in token duplication.");
return null;
}
// The token that is passed to the following constructor must
// be a primary token to impersonate.
WindowsIdentity newId = new WindowsIdentity(dupeTokenHandle);
WindowsImpersonationContext impersonatedUser = newId.Impersonate();
// Free the tokens.
if (tokenHandle != IntPtr.Zero)
CloseHandle(tokenHandle);
if (dupeTokenHandle != IntPtr.Zero)
CloseHandle(dupeTokenHandle);
// Check the identity.
System.Diagnostics.Trace.WriteLine("After impersonation: "
+ WindowsIdentity.GetCurrent().Name);
return newId;
}
catch (Exception ex)
{
Console.WriteLine("Exception occurred. " + ex.Message);
}
return null;
}
}
public ICredentials NetworkCredentials
{
get
{
return null; // Not using NetworkCredentials to authenticate.
}
}
#endregion
}
Hi,
I've changed from Visual Studio 2003 to Visula Studio 2005 by using now the MS SQL 2005 Express Advanced Edition.
As I wanted to deploy another report suddenly it asked me for an authetication for the ReportServer ?
Well, no problem, I thought and looked into the authentications in IIS, but no one of those is working.
Where the heck do I have to look ?
Thx for reply.
Andreas
P.S. Using on backend site RS Enterprise Edition SP1 and changed for developing reports from VS 2003 to VS 2005 with reporting services.
We created a custom security extension for RS using Forms Authentication. The issue I am having is in ReportBuilder when the forms authentication ticket expires. Forms auth will attempt to redirect (send a HTTP 302) and the report builder will show the error message "Object moved to here" instead of prompt for credentials. I have been watching the IIS logs and I see the first time report builder start it attempt to connect using default windows credentials and after the FormsAuthenticationRequired exception it will prompt for credentials and invoke LogonUser method, but this only happens the first time or if change the server in the url. I was expecting ReportBuilder to consider the Forms Authentication expiration at any time.
Do you have any idea how to work around this?
Any help is really appreciated.
Thanks
I'm implementing Forms authentication, but I have users stored in two different databases. The "LogonUser" method in my AuthenticationExtension gets an "authority". In that way I can authenticate the user in the correct database.
But... the problem is the CheckAccess method of my AuthorizationExtension. Is it in any way possible to reach the "authority" information from inside it? I need to grant some access to users of the first database and some other access to the users of the second database.
I have successfully implemented forms authentication in RS. It works great to navigate to https://myserver/Reports. I get redirected to the login-page etc. It also works great to use the ReportViewer from within my WinForms app, using the
reportViewer.ServerReport.ReportServerCredentials.SetFormsCredentials
method. I'm also able to communicate with RS through it's web services by first calling the 'LogonUser' method. However, to get that to work I had to inherit the ReportExecutionService for the cookie-handling to work.
Now over to my problem (the only thing so far I haven't got working). I'm trying to use a ReportViewer on an ASP.net web page to access the reports. I have understood that 'SetFormsCredentials' is not avaliable here. Instead, as far as I have understood, I should implement my own IReportServerCredentials . The critical method there I guess is
GetFormsCredentials(out Cookie authCookie, out string formsUser, out string formsPassword, out string formsAuthority)
, am I right?
It's here my problem starts. The examples I have seen haven't implemented this method since they use other types of authentication. So, I would need an example of what to fill that method with...
Regards Andreas
We have customized the report server to use our forms authentication. Our authentication expects a cookie.
Now if I want to deploy reports using a script, how do i do it?. I tried specifying
rs.exe <filename> <username><password> but then it does not work as the cookie doesnt exits?
Any ideas how this could be done? We do not want to use the report manager to deploy reports as we want an automated process.
I have some reports on a report server that needs to be reached in two ways.
1 - From a windows client application (over internet)
2 - From a web browser (over internet)
Windows authentication could not be used here, since the users are not part of any domain etc, so I have implemented forms authentication for Reporting Services as described here:
http://msdn2.microsoft.com/en-us/library/ms160724.aspx
My first task was to access the reports from the windows forms application, and I managed to do that without too much trouble using a ReportViewer and setting the custom credentials in this way:
myReportViewer.ServerReport.ReportServerCredentials.SetFormsCredentials(null, "loginname", "password", "");
Works great!
However, now I'm dealing with the second problem... accessing the reports from the web. Sure, this works fine if i just type http://myserver/reports/. This brings up the custom loginpage and if I enter correct login information I get access to the reports... The problem is that I don't want to show everything 'around' (on top of) the report, I just want to show a report. Lets say I have a webpage with two frames. One on the left with a couple of links each representing a singel report. When clicking the link the report should be rendered in the right frame.
What approach should I use here? When and where should the user authentication take place?
I have done some testing with an ASP.NET application using a report viewer, but I seem to get the error:
Client found response content type of 'text/html; charset=utf-8', but expected 'text/xml'
I guess this is because Reporting services wants to bring up the login page? I can't find any way of setting the credentials for the reportViewer in my ASP.NET app, like I did in the WinForms app. I'm really not a web-developer so I might be missing some obvious points here, if I do, please point me in the right direction...
I have also read about using the Report server web service to render the html-page without using the reportviewer, but when I try to make a call to a service like this:
ReportingService _rs = new ReportingService();
_rs.Url = "http://myServer/ReportServer/ReportService.asmx";
CatalogItem[] items = _rs.ListChildren("/", true);
I get an exception like the one above, telling:
Client found response content type of 'text/html; charset=utf-8', but expected 'text/xml'
Where should I go from here... any help would be much appriciated!
Regards Andreas
Hi,
I am new to Reporting Services. I want to use Reporting Services 2005 in our application.
My custom web application is on one machine and Reporting Services 2005 is on other machine. I am using Forms Authentication and using Single Sign On for login
If my custom web application and Reporting Services are on same machin I can get "Authentication Ticket" issued by ReportingServices2005 to the Report server.
But in this case I am not able to get "Authentication Ticket" on Report Server since it is on other machine.
I am using ReportViewer control in my web application to display Reports and using LogonUser method to get the Authentication Ticket.
How can I pass CookieAuthentication ticket from my Custom Web Application to Report Server?
Is there any work around to pass Authentication Cookie across Domain or any other solution for this?
Regards
Amit
I have managed to get the Forms Authentication sample to work bu there is a hitch. I am running Report Server and Report Manager on the same(test) PC. I can logon to the Report Server without a problem but when I try logon from the UILogon.aspx page for Report Manager I receive the following error:
An error occurred while attempting to get the ReportServer Url. The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
An error occurred while attempting to get the ReportServer Url. The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)An error occured while attempting to get the ReportServer Url. The RPC server is unavailable.(Exception from HRESULT: 0x800706BA).
I can register users which suggests that the page can connect to the database.
Any help???
I setup CRM 4.0 in one domain with a domain service account. SQL Reporting is located on the same machine using the same service account. SQL is on a different machine. These are in the same single domain forest which has a two way trust relation with another domain of a separate single domain forest. Both domains are W2k3 Native Mode.
The CRM application allows access to users in both domains. The reports are generated with accounts in the first domain where CRM and SQL Reports is located but not for users in the other domain. The CRM's report viewer window displays "The report cannot be displayed."
The following are events that are related to the error:
On CRM server:
Event Type: Warning
Event Source: ASP.NET 2.0.50727.0
Event Category: Web Event
Event ID: 1309
Date: 5/13/2008
Time: 6:55:19 AM
User: N/A
Computer: CRMSERVER
Description:
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 5/13/2008 6:55:19 AM
Event time (UTC): 5/13/2008 1:55:19 PM
Event ID: cc4c29c8f4be4e82ac0eee1234a15dc6
Event sequence: 77
Event occurrence: 1
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/2/ROOT-1-128551603464644692
Trust level: Full
Application Virtual Path: /
Application Path: C:Program FilesMicrosoft Dynamics CRMCRMWeb
Machine name: CRMSERVER
Process information:
Process ID: 3340
Process name: w3wp.exe
Account name: CRM Service Account
Exception information:
Exception type: CrmReportingException
Exception message: An error has occurred during report processing. (rsProcessingAborted)
Request information:
Request URL: http://CRMServer:5555/OrganizationDev/CRMReports/rsviewer/reportviewer.aspx
Request path: /OrganizationDev/CRMReports/rsviewer/reportviewer.aspx
User host address: 172.x.y.z
User: OTHERDOMAIN estuser
Is authenticated: True
Authentication Type: Negotiate
Thread account name: CRM Service Account
Thread information:
Thread ID: 1
Thread account name: CRM Service Account
Is impersonating: False
Stack trace: at Microsoft.Crm.Web.Reporting.SrsReportViewer.ConfigurePage()
at Microsoft.Crm.Application.Controls.AppUIPage.OnPreRender(EventArgs e)
at System.Web.UI.Control.PreRenderRecursiveInternal()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Custom event details:
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: MSCRMReporting
Event Category: None
Event ID: 19969
Date: 5/13/2008
Time: 6:55:19 AM
User: N/A
Computer: CRMSERVER
Description:
Web service request SetParameters to Report Server http://CRMServer/reportserver failed with SoapException. Error: An error has occurred during report processing. (rsProcessingAborted)
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
On SQL Server:
Event Type: Failure Audit
Event Source: MSSQLSERVER
Event Category: (4)
Event ID: 18456
Date: 5/13/2008
Time: 6:55:18 AM
User: NT AUTHORITYANONYMOUS LOGON
Computer: SQLServer
Description:
Login failed for user 'NT AUTHORITYANONYMOUS LOGON'. [CLIENT: 172.a.b.c] This is the IP address for the CRM server.
The take away from the events is either the SQL Reporting or CRM is attempting to access the SQL service with the Anonymous account. I expect it's SQL reporting because the CRM application is not having problems letting in the other domain users. The problem occurs only on reports.
I tried the following:
1. Applied the steps in the CRM Planning Guide for "Taks for a native mode domain with users in a mixed-mode domain." This adds the other domain users to a domain local group. Then assigns Browser access to the SQL reports and SQL database access to the group.
2. Set the CRM server to be trusted for delegation (kerberos only)
3. Created SPNs for http/crmserver domaincrmservice and http/crmserver:5555 domaincrmservice and http/crmserver.domain.local domaincrmservice and http/crmserver.domain.local:5555 domaincrmservice
Any suggestion?
Hi,
After implementing custom security extension for forms authentication, the report server works fine with Report Manager and web application. However, there is a problem with Report Builder.
It gives SecurityException "That assembly does not allow partially trusted callers.". Its becos I am using my own security assembly for authentication. I resolved this issue by using the following in my assemblyinfo.cs
[assembly: System.Security.Permissions.PermissionSet(System.Security.Permissions.SecurityAction.RequestMinimum, Name="FullTrust")]
However, now when I login to Report Builder it gives me error System.IO.FileNotFoundException. Its not able to find my security assembly.
I also tried giving FullTrust to the assembly using Framework 2.0 Configuration. I read somewhere that the ClickOnce application caches its last called settings in the manifest file and you have to delete the manifest and manually alter the security in the application settings(properties).
Is this true? Is there any solution to this issue? Is this really an issue with clickonce application?
This is really urgent. Any suggestions.
Thanks in advance.
On my current project we have a requirement to re-authenticate the user when accessing sensitive information.
We want re-authenticate using standard NT logins against Active Directory (not a custom database or SSO.
This is trivial to configure using Basic Authentication, however I would like to use an ASP.NET login form. I would like to avoid writing a security extension as I do not want to perform custom authentication. I would like the web service to use it's built in authentication and authorisation mechanisms.
Is the above possible???
The following gives some more details about wht I've tried.
I have tried configuring the report server/manager with Forms authentication as in the sample but cannot get it to work with out implementing the security extensions.
I changed the web.config files and the policy files for permissioning my dll with FullTrust. I did not configure an extension as I want reporting services to use it's built in windows security mechanisms.
In the login page code behind I call the ReportingService2005.LogonUser() method which always throws the following exception:
Client found response content type of 'text/html; charset=utf-8', but expected 'text/xml'. The request failed with the error message: --
Reporting Services Error
The report server has encountered a configuration error. See the report server log files for more information. (rsServerConfigurationError) Get Online Help
SQL Server Reporting Services --.
I check the log file and it has the following:
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at ASP.logon_aspx.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
aspnet_wp!library!18!03/13/2007-11:38:23:: e ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException: An internal error occurred on the report server. See the error log for more details., ;
Info: Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException: An internal error occurred on the report server. See the error log for more details. ---> System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.FormatException: Input string was not in a correct format.
at System.Text.StringBuilder.FormatError()
at System.Text.StringBuilder.AppendFormat(IFormatProvider provider, String format, Object[] args)
at System.String.Format(IFormatProvider provider, String format, Object[] args)
at Microsoft.Samples.ReportingServices.CustomSecurity.Logon.ServerBtnLogon_Click(Object sender, EventArgs e) in C:Program FilesMicrosoft SQL Server90SamplesReporting ServicesExtension SamplesFormsAuthentication SamplecsFormsAuthenticationLogon.aspx.cs:line 130
at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
at System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
--- End of inner exception stack trace ---
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at ASP.logon_aspx.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
--- End of inner exception stack trace ---
aspnet_wp!library!18!03/13/2007-11:38:24:: i INFO: Exception dumped to: c:Program FilesMicrosoft SQL ServerMSSQL.3Reporting ServicesLogFiles flags= ReferencedMemory, AllThreads, SendToWatson
aspnet_wp!library!1!03/13/2007-11:39:11:: e ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: The report server has encountered a configuration error. See the report server log files for more information., Could not load Authentication extension;
Info: Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: The report server has encountered a configuration error. See the report server log files for more information.
Am I missing something? Is this even possible? If not, then why isn't it possible?
It feels like I've been going round in circles on something that shouold be pretty trivial to configure.
Thanks in advance.
Adam.
I have a user who is trying to access the SQL 2005 server with 2 seperate accounts(using Windows Authentication). With one account he can connect just fine, but with the seccond he recieves a logon fail error. The only difference that we can tell is that the first account uses a password for our kerberos domain, and the second (that fails) uses a longer pass phrase (which does use spaces as characters). My intuition tells me that shouldn't matter, but I've been wrong before. Can anyone confirm this, or correct me if I'm wrong? This is using ASP.NET 2005 for the front end. The exact Exception details are: "System.Data.SqlClient.SqlException: Login failed for user 'domainuser "
The stack trace is:
SqlException (0x80131904): Login failed for user 'domainuser'.]
System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) +734867
System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) +188
System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) +1838
System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK) +33
System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance) +628
System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance) +170
System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection) +359
System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnection owningConnection, DbConnectionPool pool, DbConnectionOptions options) +28
System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject) +424
System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject) +66
System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject) +496
System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection) +82
System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory) +105
System.Data.SqlClient.SqlConnection.Open() +111
System.Data.Common.DbDataAdapter.FillInternal(DataSet dataset, DataTable[] datatables, Int32 startRecord, Int32 maxRecords, String srcTable, IDbCommand command, CommandBehavior behavior) +121
System.Data.Common.DbDataAdapter.Fill(DataSet dataSet, Int32 startRecord, Int32 maxRecords, String srcTable, IDbCommand command, CommandBehavior behavior) +137
System.Data.Common.DbDataAdapter.Fill(DataSet dataSet, String srcTable) +83
System.Web.UI.WebControls.SqlDataSourceView.ExecuteSelect(DataSourceSelectArguments arguments) +1770
System.Web.UI.DataSourceView.Select(DataSourceSelectArguments arguments, DataSourceViewSelectCallback callback) +17
System.Web.UI.WebControls.DataBoundControl.PerformSelect() +149
System.Web.UI.WebControls.BaseDataBoundControl.DataBind() +70
System.Web.UI.WebControls.GridView.DataBind() +4
System.Web.UI.WebControls.BaseDataBoundControl.EnsureDataBound() +82
System.Web.UI.WebControls.CompositeDataBoundControl.CreateChildControls() +69
System.Web.UI.Control.EnsureChildControls() +87
System.Web.UI.Control.PreRenderRecursiveInternal() +41
System.Web.UI.Control.PreRenderRecursiveInternal() +161
System.Web.UI.Control.PreRenderRecursiveInternal() +161
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1360
The user just told me this occurs with Forms Authentication, as well.
Is it possible to configure a datasource using data from a web service (java) requiring basic http authentication?
View 4 Replies View RelatedThis is a subject that has been brought up before but I have not seen a definitive answer/solution.
We have implemented a custom authentication extension (forms authentication) for reporting services and it has been working just fine under "normal" conditions; "normal" being users logging in, viewing reports, and then moving on.
Recently some reports were created by our report group and they contain Dundas gauge controls for "dashboard" style reports. These reports are meant to be up all day and they post back every few seconds because the data they present is mission critical.
This of course exposed the inability of the reportviewer control to stay in the context of Report Manager when it comes to the cookie exchange and authentication thus resulting in the following error:
<html><head><title>Object moved</title></head><body>
<h2>Object
moved to <a
href="/ReportServer/logon.aspx?ReturnUrl=%2freportserver%2fReportExecution2005.asmx">here</a>.</h2>
</body></html>
I created a quick ASP.NET web application and added the reportviewer to it, implemented IReportServerCredentials and the report came up as expected but behaved the same way as it did in Report Manager. Same with a Windows Forms application.
Increasing the cookie timeout in the forms authentication tag is an option, but not an attractive one. Extending the reportviewer control is also an option, but I don't know if that is a good candidate right now because I don't see anything extensible yet.
Is this just the nature of RS with custom authentication or is there a viable solution out there right now?
Any and all answers are much appreciated and I thank you in advance.
Hello
I'm trying to get the forms authentication sample working - I have followed the instructions given in the ReadMe that came with the samples. When I try to browse to localhost/reportserver (on the server), instead of seeing the logon page as expected, I get the following error message:
An internal error occurred on the report server. See the error log for more details. (rsInternalError) Get Online Help
Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
I built the sample in VS 2005, and am using v2 of .net. Reporting services is installed on a windows server 2003 machine.
This has been driving me crazy for a while now. Any help would be greatly appreciated!
Thanks in advance
Dominic
Hi all,
I need help regarding forms authentication in SSRS. I exactly followed the steps described in the article: http://blogs.msdn.com/bimusings/archive/2005/12/05/500195.aspx. However it doesn€™t seem to be working at my end. The only things that I didn€™t implement correctly are the two members of IExtension interface, here€™s the code for these two members;
public string LocalizedName
{
get { return "Naveed"; }
}
public void SetConfiguration ( string configuration )
{
//throw new Exception("The method or operation is not implemented.");
}
After performing all the steps mentioned in the article when I access http://<servername>/reports, it displays my login page alright, but when I submit the user credentials (whether right or wrong) it gives me:
€œAccess denied creating App_Data subdirectory€?
Description: For security reasons, the identity 'NAVEEDSIDDIQUIASPNET' (under which this web application is running), does not have permissions to create the App_Data subdirectory within the application root directory. ASP.NET stores the Microsoft SQL Express Database file used for services such as Membership and Profile in the App_Data subdirectory of your application.
Along with steps of how to grant the required permission. My question is why it is trying to create the new directory. Does it mean it is unable to find the database or does it mean something else? When I access http://<servername>/reportserver, it gives me:
An internal error occurred on the report server. See the error log for more details. (rsInternalError) Get Online Help
Could not load type 'Vantage.CustomSecurityExtension.Logon'.
Could not load type 'Vantage.CustomSecurityExtension.Logon'.
Could not load type 'Vantage.CustomSecurityExtension.Logon'.
Could not load type 'Vantage.CustomSecurityExtension.Logon'.
Here €˜Logon€™ is the name of the code-behind class of my login page.
Please help me out in this problem.
Thanks and Regards,
Naveed