Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Custom Authentication (Security Extension) with SSRS 2016

I am trying to implement custom forms authentication with SSRS 2016.

Within this article, a reference is made to the SQL Server Reporting Service Product Samples.

It appears that the latest supported version on the samples page (with regards to security extensions) is SSRS 2012. I have successfully applied the information gathered on the samples page to a SSRS 2014 instance. However, it looks as though the file system structure has changed a bit for SSRS 2016 (read, there is no longer a ReportManager folder) which seems to invalidate the instructions provided by the samples page.

Does anyone know where I can find updated procedures for establishing custom authentication?

like image 245
Jason Richmeier Avatar asked Apr 04 '16 18:04

Jason Richmeier


People also ask

How do you pass credentials when accessing SSRS report through URL?

Credentials = new NetworkCredential("username", "password", "domain"); divContents. InnerText = client. DownloadString(my report path);

How do I enable anonymous authentication in SSRS?

The steps are very simple: Standard install of SSRS 2005 (Integrated authentication) In IIS, duplicate the ReportingServices virtual directory and name it Public. Under Public properties set Directory Security - Authentication and Access Control - to Enable Anonymous access using the IUSR_ account.

What is the extension of SSRS package?

The standard file extension for report definition files is . rdl. You can also develop client report definition files, which have the extensions .


3 Answers

We stumbled upon a thread on the MSDN forums located here. This thread has had quite a bit of activity including responses from the product team.

For anyone having issues with getting a custom security extension to work with SSRS 2016 in the next couple of weeks, please have a look. After that, it is my understanding that all of this information will be included in the documentation when the product is in a RTM state.

like image 87
Jason Richmeier Avatar answered Oct 05 '22 23:10

Jason Richmeier


I recently did this work.

I searched in many sites. This example works for me: https://github.com/Microsoft/Reporting-Services/tree/master/CustomSecuritySample. Below, under the example of the project, there is a deployment manual.

Note, in my case, the web portal did not work without assigning machineKey in the files:

  • ...\Reporting Services\ReportServer\web.config
  • ...\Reporting Services\RSWebApp\Microsoft.Reporting­Services.Portal.WebHost.exe.config

In general, everything as described in the manual. Not missing a single step.

The site I used to generate the key: http://www.developerfusion.com/tools/generatemachinekey/

I hope this info helps someone.

like image 38
Konstantin Avatar answered Oct 06 '22 01:10

Konstantin


I think you dont have a problem with get username and password or generating user token, some changes about Security Extentions in SQL Server 2016 refers CheckAccess function in IAuthorizationExtension interface.

In the following links you can find changes and sample codes especially for implementing a Security Extension for SQL Server 2016.

Implementing a Security Extension

Configure Custom or Forms Authentication on the Report Server

Authorization in Reporting Services

IAuthorizationExtension.CheckAccess Method (String, IntPtr, Byte[], CatalogOperation)

like image 36
Mehdi Avatar answered Oct 05 '22 23:10

Mehdi