My Personal Blog's
Ask for username and password when calling reporting service
These code allow us to set username and password for reporting services to avoid popup request authentication.
This code tested in Visual Studio 2008 and Reporting Services from SQL Server 2005
First create a class called ReportServerCredentials.vb
Imports Microsoft.VisualBasic
Imports Microsoft.Reporting.WebForms
Imports System.Security.Principal
Public NotInheritable Class ReportServerCredentials
Implements IReportServerCredentials
Public ReadOnly Property ImpersonationUser() As WindowsIdentity _
Implements IReportServerCredentials.ImpersonationUser
Get
'Use the default windows user. Credentials will be
'provided by the NetworkCredentials property.
Return Nothing
End Get
End Property
Public ReadOnly Property NetworkCredentials() As Net.ICredentials _
Implements IReportServerCredentials.NetworkCredentials
Get
'Read the user information from the web.config file.
'By reading the information on demand instead of storing
'it, the credentials will not be stored in session,
'reducing the vulnerable surface area to the web.config
'file, which can be secured with an ACL.
'User name
Dim userName As String = _
ConfigurationManager.AppSettings("UserName")
If (String.IsNullOrEmpty(userName)) Then
Throw New Exception("Missing user name from web.config file")
End If
'Password
Dim password As String = _
ConfigurationManager.AppSettings("Password")
If (String.IsNullOrEmpty(password)) Then
Throw New Exception("Missing password from web.config file")
End If
'Domain
Dim domain As String = _
ConfigurationManager.AppSettings("SERVERNAME")
If (String.IsNullOrEmpty(domain)) Then
Throw New Exception("Missing domain from web.config file")
End If
Return New Net.NetworkCredential(userName, password, domain)
End Get
End Property
Public Function GetFormsCredentials(ByRef authCookie As System.Net.Cookie, _
ByRef userName As String, _
ByRef password As String, _
ByRef authority As String) _
As Boolean _
Implements IReportServerCredentials.GetFormsCredentials
authCookie = Nothing
userName = Nothing
password = Nothing
authority = Nothing
'Not using form credentials
Return False
End Function
End Class
Second, add parameter key to your web.config
<appSettings> <add key="UserName" value="UserName"/> <add key="Password" value="Password"/> <add key="SERVERNAME" value="SERVERNAME"/> </appSettings>
And then add this line of code before calling reportserverURL in the report view page:
ReportViewer1.ServerReport.ReportServerCredentials = New ReportServerCredentials()
July 20, 2011 - 1:16 am
This works fine if I hard code the user in app settings. I need to impersonate the windows user. So that IIS on the server hosting the Web site will log onto the Report server as that user.
This is so that the report server can check that accounts credentials. that is if the person is in the security setting for that report or a Active Directory group that is included in the security settings for that report.
We use Active directory.
The Web site will determine what reports the person can access – or that is create a menu – however when the report server is accessed I had thought of using the current users credentials.
thanks.