Thiago Dantas

Reputation: 690

How to forward Basic authentication challenge to Report Manager URL

*The details of the environment are described at the bottom.

I am trying to build an authentication solution for reporting services.

Online customers should be authenticated using our existing customer database, while local administrative users could use a simple, Basic, authentication.

I have made a security extension to SSRS using the CodePlex examples, and the way I issue the Basic challenge is as follows:

public void GetUserInfo(out IIdentity userIdentity, out IntPtr userId)
{
    // A principal set earlier in the pipeline (e.g. by the HttpModule) is used as-is.
    if (HttpContext.Current != null && HttpContext.Current.User != null)
        userIdentity = HttpContext.Current.User.Identity;
    else
    {
        // No authenticated user: send a Basic challenge and end the response.
        HttpContext.Current.Response
            .AddHeader("WWW-Authenticate", "Basic realm=\"ReportServer\"");
        HttpContext.Current.Response.Status = "401 Unauthorized";
        HttpContext.Current.Response.Flush();
        HttpContext.Current.Response.Close();
        userIdentity = new GenericIdentity("not authorized");
    }

    userId = IntPtr.Zero;
}

That way, a user who hasn't passed through the LogonUser method (i.e. direct URL access, BIDS report deployment, not the regular user apps) gets challenged with a Basic logon/password popup. To support this I made an HttpModule as follows:

void IHttpModule.Init(HttpApplication context)
{
    // Run the custom check on every request's authentication stage.
    context.AuthenticateRequest += CustomAuthenticateRequest;
}

void CustomAuthenticateRequest(object sender, EventArgs e)
{
    var app = sender as HttpApplication;

    if (app == null) return;

    var basicAuth = app.Context.Request.Headers["Authorization"];

    if (!string.IsNullOrEmpty(basicAuth))
    {
        // Decode "Basic <base64(user:pass)>" into its login and password parts.
        var loginpass = Encoding.Default.GetString(
           Convert.FromBase64String(basicAuth.Replace("Basic ", ""))).Split(':');
        // Accept only the hardcoded admin credentials.
        if (loginpass.Length == 2 
            && loginpass[0] == adminUser 
            && loginpass[1] == adminPass)
        {
            app.Context.User = new GenericPrincipal(
                new GenericIdentity(adminUser), null);
        }
    }
}

This works fine when accessing the /ReportServer URL: I get challenged, enter the hardcoded admin login/pass and get logged on.

The problem is that when accessing /Reports I get:

System.Net.WebException: The request failed with HTTP status 401: Unauthorized

I want to know how I can pass the login/pass challenge all the way down to /Reports.

I'm running SQL Server 2012 along with Reporting Services 2012, but the inner workings haven't changed from SSRS 2008-R2.

In my web.config I have

    <authentication mode="None" />
    <identity impersonate="false" />

and the entry for the httpmodule.

On rssrvpolicy.config the codegroup for my httpmodule is with FullTrust

On rsreportserver.config I have

    <AuthenticationTypes>
        <Custom/>
    </AuthenticationTypes>

and the entry for the security extension.

I don't have SSL configured, yet, and the bindings are at their default

Upvotes: 24

Views: 4827
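
An added example, not part of the original question or of the SSRS samples: a stricter form of the module's Authorization-header check that accepts only the Basic scheme, rejects malformed base64 instead of throwing, splits on the first colon, and compares credentials without an early exit. The class and method names, the UTF-8 decoding and the sample credentials are assumptions made for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper (not from the question): strict Basic header handling.
static class BasicAuthHeader
{
    // True only for a well-formed "Basic <base64(user:pass)>" value.
    public static bool TryParse(string header, out string user, out string pass)
    {
        user = pass = null;
        const string scheme = "Basic ";
        if (string.IsNullOrEmpty(header) ||
            !header.StartsWith(scheme, StringComparison.OrdinalIgnoreCase))
            return false;                          // not the Basic scheme
        byte[] raw;
        try { raw = Convert.FromBase64String(header.Substring(scheme.Length).Trim()); }
        catch (FormatException) { return false; }  // malformed base64: reject, don't throw
        string decoded = Encoding.UTF8.GetString(raw); // assumption: UTF-8 credentials
        int sep = decoded.IndexOf(':');            // split on the first colon only,
        if (sep < 0) return false;                 // since a password may contain ':'
        user = decoded.Substring(0, sep);
        pass = decoded.Substring(sep + 1);
        return true;
    }

    // Compares SHA-256 digests so the loop always covers the same number of bytes.
    public static bool FixedTimeEquals(string a, string b)
    {
        byte[] x, y;
        using (var sha = SHA256.Create())
        {
            x = sha.ComputeHash(Encoding.UTF8.GetBytes(a));
            y = sha.ComputeHash(Encoding.UTF8.GetBytes(b));
        }
        int diff = 0;
        for (int i = 0; i < x.Length; i++) diff |= x[i] ^ y[i];
        return diff == 0;
    }

    static void Main()
    {
        // Constructed sample header carrying "admin:p:ss".
        string h = "Basic " + Convert.ToBase64String(Encoding.UTF8.GetBytes("admin:p:ss"));
        string u, p;
        // Non-short-circuit '&' so both comparisons always run.
        bool ok = TryParse(h, out u, out p)
                  && (FixedTimeEquals(u, "admin") & FixedTimeEquals(p, "p:ss"));
        Console.WriteLine("valid={0} malformed={1} otherScheme={2}", ok,
            TryParse("Basic %%%", out u, out p), TryParse("NTLM abc", out u, out p));
    }
}
```

Basic credentials are only base64-encoded, so this check protects the parsing and comparison steps but not the credentials in transit; that requires the SSL binding the question mentions as not yet configured.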

Answers (1)

YASH GOLWARA

Reputation: 41

From the error message, it seems that the authentication error occurs on rendering the UI of the report manager. Please go to the folder c:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportManager\, find the web.config file, and apply the following changes:

    <authentication mode="None" />
    <identity impersonate="false" />

and the entry for the httpmodule.

Upvotes: 4
