4

Our web application uses NTLM authentication and it's working. Is it possible to use the same logon credentials to automatically login to the report manager, actually we would like to be able to navigate from our web app to the report manager without login in again. any solutions .Thanks a lot . Can someone help me to add the right tags? I already added some, but afraid of not fit the right one . thanks

Joe.wang
  • 11,537
  • 25
  • 103
  • 180
  • 1
    What have you tried so far? I think what you are describing can be achieved by setting up Forms Authentication. There is a step-by-step tutorial [here](http://msftrsprodsamples.codeplex.com/wikipage?title=SS2008R2!Security%20Extension%20Sample), although this Codeplex entry was not written by me. – sion_corn Apr 02 '13 at 21:02
  • 1
    You could also look at Custom Security. Custom Security will allow you to override the authentication and authorization functions for ssrs. The overrides can then play into your current data model. You would need to defined a class that implements a few interfaces then let them be known by entry's in the rssserportserver.config file. – Ross Bush Apr 03 '13 at 03:27
  • Thanks. Everybody , Need time to read it . – Joe.wang Apr 03 '13 at 06:36
  • Custom security is the way to go. – Ross Bush Apr 05 '13 at 01:56
  • Honestly, I prefer to simply using HttpHandler or HttpModule to make it .Not involve with too much complicated orginal security mechanism of SSRS. thanks. – Joe.wang Apr 05 '13 at 02:08
  • @Joe.wang Hi Joe, did you able to find a solution of your problem? I also got stucked at the same point. – Arjit Jun 02 '17 at 10:54
  • Really sorry that It has been long time post. @Arjit I am afraid that I can not recall the detail of my solution so far. But I do remembered I just added authorization in my `HttpModule`. Please try it. Thanks. – Joe.wang Jul 12 '17 at 09:45
  • Thanks @Joe.wang. I will try. Let me know if you get any more hints. Thanks. – Arjit Jul 14 '17 at 16:19

2 Answers2

1

If you want to perform single sign on to report manager, the way to go for this is by implementing custom security extension provided by Microsoft. This is the standard solution. You can get the implementation details here http://www.codeproject.com/Articles/675943/SSRS-2012-Forms-Authentication

Also, as you mentioned if you don't want to include complexity and to keep things simple, just implement the login by obtaining the DOM of the Validation page and handling click. However, the scenario only works if you are sure about the naming of the tags in the web page.

Check the sample below

public MainWindow()
{
InitializeComponent()
WinFormWebBrowser.Navigate(Url);
WinFormWebBrowser.DocumentCompleted += WinFormWebBrowser_DocumentCompleted;
}

void WinFormWebBrowser_DocumentCompleted(object sender, System.Windows.Forms.WebBrowserDocumentCompletedEventArgs e)
        {
            try
            {
                    HtmlElement ele = WinFormWebBrowser.Document.GetElementById("email");
                    if (ele != null)
                        ele.InnerText = "username";

                    ele = WinFormWebBrowser.Document.GetElementById("pass");
                    if (ele != null)
                        ele.InnerText = passWord;

                    ele = WinFormWebBrowser.Document.GetElementById("loginbutton");
                    if (ele != null)
                        ele.InvokeMember("click");
                WinFormWebBrowser.DocumentCompleted -=WinFormWebBrowser_DocumentCompleted;

            }
            catch
            {

            }

        }
Darey
  • 497
  • 4
  • 24
0

Reporting Services is primarily an intranet application hence default security is Windows Auth. Of Course, Reporting Services is extendable and could be accessed over the internet as well but for that purpose users either have to punch in Windows Credentials (NTLM or Basic) or you have to over write RS' Authentication mechanism. If your application is on Forms Auth, you can have similar authentication on RS while passing authentication cookie from your app to RS' authentication extension. The FBA sample from codeplex shared by Alex could be your starting point.

You may also like to know that you can encapsulate RS' functionality inside your application where users would never access RS directly but your app would make calls to RS and its reports via RS' SOAP APIs.

Ron5504
  • 2,676
  • 2
  • 13
  • 15
  • Isn't better to add a HttpModule which implement user's custom sercurity in there ? because it is simply enough to understand for every Asp.Net developer. and it works for the request to the web services of RS. I had read your recommended answer ,well , I don't think it is easy to be understood. implement and debug. – Joe.wang Aug 16 '13 at 01:19