Menu
I have two reports , one is for internal users and another one is for external users,
For internal Users i need to enable form authentication to view the report instead of creating the user accounts in the server.
For external User i do not want to enable any authentication, so that they can access the report from the browser without any authentication.
I followed the below steps by using the SSRS samples from the below link, after did all the changes i am getting HTTP500 Error. please help to enable this form based authentication.
modify the RSReportServer.config file
Step 1:-
<Authentication>
<AuthenticationTypes>
<Custom/>
</AuthenticationTypes>
<EnableAuthPersistence>true</EnableAuthPersistence>
</Authentication>
Step 2:-
<Security>
<Extension Name="Forms"
Type="Microsoft.Samples.ReportingServices.CustomSecurity.Authorization,
Microsoft.Samples.ReportingServices.CustomSecurity" >
<Configuration>
<AdminConfiguration>
<UserName>username</UserName>
</AdminConfiguration>
</Configuration>
</Extension>
</Security>
<Authentication>
<Extension Name="Forms" Type="Microsoft.Samples.ReportingServices.CustomSecurity.AuthenticationExtension, Microsoft.Samples.ReportingServices.CustomSecurity" />
</Authentication>
Step 3:-
<UI>
<CustomAuthenticationUI>
<loginUrl>/Pages/UILogon.aspx</loginUrl>
<UseSSL>True</UseSSL>
</CustomAuthenticationUI>
<ReportServerUrl>http://<server>/ReportServer</ReportServerUrl>
</UI>
modify the RSSrvPolicy.config file
Step 4:-
<CodeGroup
class="UnionCodeGroup"
version="1"
Name="SecurityExtensionCodeGroup"
Description="Code group for the sample security extension"
PermissionSetName="FullTrust">
<IMembershipCondition
class="UrlMembershipCondition"
version="1"
Url="C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\Microsoft.Samples.ReportingServices.CustomSecurity.dll"
/>
</CodeGroup>
modify the RSMgrPolicy.config file
Step 5:-
<CodeGroup
class="FirstMatchCodeGroup"
version="1"
PermissionSetName="FullTrust"
Description="This code group grants MyComputer code Execution permission. ">
<IMembershipCondition
class="ZoneMembershipCondition"
version="1"
Zone="MyComputer" /> "}*To use Forms Authentication, you need to modify the Web.config files for Report Manager and Report Server
modify the Web.config file for Report Server
Step 6:-
<authentication mode="Forms">
<forms loginUrl="logon.aspx" name="sqlAuthCookie" timeout="60" path="/">
</forms>
</authentication>
Add the following <authorization> element directly after the <authentication> element.
<authorization>
<deny users="?" />
</authorization>.
Web.config file for Report Manager
Step 7 :-
Disable impersonation by locating the section <identity impersonate= "true" /> and changing it to the following: <identity impersonate="false" />.
Locate the <authentication> element and change the Mode attribute to Forms.
Add the following keys to the <appSettings> element.
<add key="ReportServer" value="<Server Name>"/>
<add key="ReportServerInstance" value="<Instance Name>"/>
Reference URL https://msftrsprodsamples.codeplex.com/wikipage?title=SS2008R2%21Security%20Extension%20Sample&FocusElement=Comment
After performing all the above steps , when i am trying to register user i am getting the error called Keyword not supported: 'mssqlserver;integrated security'.
577
You can use the Forms Authentication setting, displayed under the Security > Authenticated Access section of the Internet Information Services view for a website, to set forms authentication on web applications. Set the Forms Authentication option to Yes to enable forms authentication.
In the Web. config file, find the authentication mode and set it to Forms. Find identity impersonate and set it to False. For more settings, please refer to:, please refer to: Configure Custom or Forms Authentication on the Report Server.
By default, the report server uses Windows Integrated authentication and assumes trusted relationships where client and network resources are in the same domain or in a trusted domain.
On the Windows machine where you installed SSRS, locate the rsreportserver. config file. The default location is C:\Program Files\Microsoft SQL ServerReportingServicesInstance\Reporting Services\ReportServer\rsreportserver. config.
Kindly check this setting to access direct without form authentication.
<allow users="*" />
Check this line to show form authentication.
<deny users="?" />
web.config setting in application.
<authorization>
<allow roles="Administrator" />
<allow users="*" />
</authorization>
<authentication mode="Forms">
<forms timeout="500000" loginUrl="Login.aspx" />
</authentication>
<system.web>
<httpHandlers>
<remove verb="*" path="*.asmx" />
<add verb="*" path="Reserved.ReportViewerWebControl.axd" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=8.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" validate="false" />
<add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
<add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
<add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" validate="false" />
</httpHandlers>
<httpModules>
<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</httpModules>
<webServices>
<protocols>
<add name="HttpGet" />
<add name="HttpPost" />
</protocols>
</webServices>
</system.web>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
