Hello I am getting an error "Authorization ticket not received by
LogonUser" when trying to render an inline pdf report. It only happens
in VB.Net though.
I think that my authcookie is not being set for some reason.
Some info
I have created this app from scratch(modeled after adventureworks
sample in VB) and modified the adventureworks sample(c#)
the c# sample works but the vb.net does not.
I have set both my webCookie.Domain and netcookie.domain to
".domain.com" <- my domain
The sql server, IIS server and the webreports application are on the
same machine.
If I use the reportViewer control (vs 2003) it works fine and the when
I ask for Request.Cookies.AllKeys
I get
ASP.NET_SessionId
.ASPXAUTH
sqlAuthCookie
as the cookies listed.
This s a good sign but when I call the render function rs.render(all my
parameters) I get the error in vb.net only. Could it be a bad
translation on my part?
THis function may have been translated wrong.
Protected Overloads Overrides Function GetWebResponse(ByVal request As
WebRequest) As WebResponse
Dim response As WebResponse = MyBase.GetWebResponse(request)
Dim cookieName As String = response.Headers("RSAuthenticationHeader")
' If the response contains an auth header, store the cookie
If Not (cookieName Is Nothing) Then
Utilities.CustomAuthCookieName = cookieName
Dim webResponse As HttpWebResponse = CType(response,
HttpWebResponse)
Dim authCookie As Cookie = webResponse.Cookies(cookieName)
' If the auth cookie is null, throw an exception
If authCookie Is Nothing Then
Throw New Exception("Authorization ticket not
received by LogonUser")
End If
' otherwise save it for this request
authCookie = authCookie
' and send it to the client
Utilities.RelayCookieToClient(authCookie)
End If
Return response
End Function 'GetWebResponse
Any sugestions would be much appreciated.
Thanks
MoOne thing I forgot to add is I am using forms authentication and it
seems to be working fine up to the rendering point.|||Are you using forms authentication in the september 2005 CTP by chance?
"M0" wrote:
> One thing I forgot to add is I am using forms authentication and it
> seems to be working fine up to the rendering point.
>
Showing posts with label render. Show all posts
Showing posts with label render. Show all posts
Tuesday, March 27, 2012
Monday, March 19, 2012
Authenticating a report render from a browser
I am copying the question from another member as it is exactly my problem:
We have an extranet application (internet users) written in ASP using
VB COM. All the security of what reports users can see is handled
through this application. Is there anyway we can link RS reports using
a URL? In otherwords, users will login like they currently do now and
our application will provide a report list for them. When they run a
report, they will basically click on a link that points to the RS
report. Ideally, when the user logs in initially, they will be
validated by the current application and then be validated against RS
(background). We need this to be as transparent as possible.
I have seen this posted in several different ways, but without any
resolution. Is there no way to accomplish this?
Thanks.we have the same situation. One way to do it is to create a custom
security extension for RS and call it through web services SOAP. You
can either redirect to an aspx page that calls it or maybe call the
webservice in your asp page directly. You should read this article as
it explains it all http://www.devx.com/dotnet/Article/26759|||Marv,
I appreciate the reply and have checked out the web site you referenced. I
hate to be a wimp, but I'm kind of a one-man band and don't have a lot of
time (or a lot of the requisite experience) to undertake a project for what I
was hoping to be a simple solution.
I take it there is just no simple way to tell the Report Server to run the
report on request without additional authentication. It seems like there
should be some setting either in the manager or on the command line that
could accomplish this. I have tried various role assignments, but they seem
to be limited to the server on which the RS resides and all our user
authenication comes from a different domain (and we don't use active
directory).
Anyway, thanks for the response.
Dave
"Marv" wrote:
> we have the same situation. One way to do it is to create a custom
> security extension for RS and call it through web services SOAP. You
> can either redirect to an aspx page that calls it or maybe call the
> webservice in your asp page directly. You should read this article as
> it explains it all http://www.devx.com/dotnet/Article/26759
>|||"Dave" wrote:
> I take it there is just no simple way to tell the Report Server to run the
> report on request without additional authentication.
Without getting into the benfits of ADS, the security model and the
vulnerabilities, etc., if you supply (or remove) the necessary credentials to
the data source and can render the report; you could display the report in an
iframe. It would appear as though it was part of your existing application.
src=http://someserver/reportserver?/FolderName/Report&rs:Command=Render&rc:toolbar=false
Caveat emptor. Someone will find the links.
Just a thought.
We have an extranet application (internet users) written in ASP using
VB COM. All the security of what reports users can see is handled
through this application. Is there anyway we can link RS reports using
a URL? In otherwords, users will login like they currently do now and
our application will provide a report list for them. When they run a
report, they will basically click on a link that points to the RS
report. Ideally, when the user logs in initially, they will be
validated by the current application and then be validated against RS
(background). We need this to be as transparent as possible.
I have seen this posted in several different ways, but without any
resolution. Is there no way to accomplish this?
Thanks.we have the same situation. One way to do it is to create a custom
security extension for RS and call it through web services SOAP. You
can either redirect to an aspx page that calls it or maybe call the
webservice in your asp page directly. You should read this article as
it explains it all http://www.devx.com/dotnet/Article/26759|||Marv,
I appreciate the reply and have checked out the web site you referenced. I
hate to be a wimp, but I'm kind of a one-man band and don't have a lot of
time (or a lot of the requisite experience) to undertake a project for what I
was hoping to be a simple solution.
I take it there is just no simple way to tell the Report Server to run the
report on request without additional authentication. It seems like there
should be some setting either in the manager or on the command line that
could accomplish this. I have tried various role assignments, but they seem
to be limited to the server on which the RS resides and all our user
authenication comes from a different domain (and we don't use active
directory).
Anyway, thanks for the response.
Dave
"Marv" wrote:
> we have the same situation. One way to do it is to create a custom
> security extension for RS and call it through web services SOAP. You
> can either redirect to an aspx page that calls it or maybe call the
> webservice in your asp page directly. You should read this article as
> it explains it all http://www.devx.com/dotnet/Article/26759
>|||"Dave" wrote:
> I take it there is just no simple way to tell the Report Server to run the
> report on request without additional authentication.
Without getting into the benfits of ADS, the security model and the
vulnerabilities, etc., if you supply (or remove) the necessary credentials to
the data source and can render the report; you could display the report in an
iframe. It would appear as though it was part of your existing application.
src=http://someserver/reportserver?/FolderName/Report&rs:Command=Render&rc:toolbar=false
Caveat emptor. Someone will find the links.
Just a thought.
Subscribe to:
Posts (Atom)