Professional Web Applications Themes

Forms Authentication - Reporting Services Web Service integration - ASP.NET Security

I am working on an asp.net application which requires forms authentication as the method for authenticating the web application using the underlying Active Directory as the user store. I have created my Forms Authentication process using the methods described in some MSDN samples and that works just great. The question/issue I have is this process results in the creation of a forms authentication ticket and setting of the Context.User to a GenericPricipal object. Now, another part of the application needs to run reports that are defined in SQL Server Reporting Services by integrating the solution via the reporting services web ...

  1. #1

    Default Forms Authentication - Reporting Services Web Service integration

    I am working on an asp.net application which requires forms authentication as
    the method for authenticating the web application using the underlying Active
    Directory as the user store.

    I have created my Forms Authentication process using the methods described
    in some MSDN samples and that works just great.

    The question/issue I have is this process results in the creation of a forms
    authentication ticket and setting of the Context.User to a GenericPricipal
    object. Now, another part of the application needs to run reports that are
    defined in SQL Server Reporting Services by integrating the solution via the
    reporting services web service (vs. a URL link).

    In my code to invoke the web service, I have to set the credentials on the
    reporting services web service object to something other than
    system.net.credentialcache.defaultcredentials or I end up with the
    credentials from the aspnet service account. I've tried setting <identity
    impersonate="true" /> in my web.config but that didn't do it. I can get it
    working if I set my credentials to a new instance of the network credentials
    class:

    rs.credentials = new
    system.net.NetworkCredentials("username","password ","domain").

    Unfortunately, I can only seem to make this work by hardcoding the username,
    password, and domain.

    Is there any way to map a GenericPrincipal instance's properties to create a
    valid NetworkCredentials instance? That seems to be the solution I need, but
    I can't retrieve the password from the GenericPrincipal nor can I get it from
    the FormsAuthenticationTicket (unless you have some suggestion in that
    regard).

    I would appreciate any suggestions.

    --
    Paul
    Paul Keegstra Guest

  2. #2

    Default Re: Forms Authentication - Reporting Services Web Service integration

    Paul i guess since ur forms Auth is using Active Directory ..Reporting
    services(security) should be integrated since its on the same Domain and
    i guess ur IIS is member of the domain too...

    I believe <identity impersonate="true" />(impersonating the USER should
    be able to carry the users TOKEN across applications)
    should work for you too..

    The only thing is that Forms Auth must have Anonymous Access clicked
    b-cos of the cookies used..

    Can you pls explain ur scenario again..
    Patrick


    *** Sent via Developersdex [url]http://www.developersdex.com[/url] ***
    Don't just participate in USENET...get rewarded for it!
    Patrick Olurotimi Ige Guest

  3. #3

    Default Re: Forms Authentication - Reporting Services Web Service integration

    The credentials in the CredentialCache and the Principal objects are not
    directly compatible( at least i couldnt get my Principal to translate into
    Network credentials). What you could do is use security features in the web
    service. If you are using WSE 2.0, then you could send the username and
    password via the username token and validate the user at the reporting
    service, using these credentials.
    Hope this helps
    Ramadass


    "Paul Keegstra" <PaulKeegstradiscussions.microsoft.com> wrote in message
    news:54CC434B-AE9F-4159-8876-20FC10FB0360microsoft.com...
    > I am working on an asp.net application which requires forms authentication
    as
    > the method for authenticating the web application using the underlying
    Active
    > Directory as the user store.
    >
    > I have created my Forms Authentication process using the methods described
    > in some MSDN samples and that works just great.
    >
    > The question/issue I have is this process results in the creation of a
    forms
    > authentication ticket and setting of the Context.User to a GenericPricipal
    > object. Now, another part of the application needs to run reports that
    are
    > defined in SQL Server Reporting Services by integrating the solution via
    the
    > reporting services web service (vs. a URL link).
    >
    > In my code to invoke the web service, I have to set the credentials on the
    > reporting services web service object to something other than
    > system.net.credentialcache.defaultcredentials or I end up with the
    > credentials from the aspnet service account. I've tried setting <identity
    > impersonate="true" /> in my web.config but that didn't do it. I can get
    it
    > working if I set my credentials to a new instance of the network
    credentials
    > class:
    >
    > rs.credentials = new
    > system.net.NetworkCredentials("username","password ","domain").
    >
    > Unfortunately, I can only seem to make this work by hardcoding the
    username,
    > password, and domain.
    >
    > Is there any way to map a GenericPrincipal instance's properties to create
    a
    > valid NetworkCredentials instance? That seems to be the solution I need,
    but
    > I can't retrieve the password from the GenericPrincipal nor can I get it
    from
    > the FormsAuthenticationTicket (unless you have some suggestion in that
    > regard).
    >
    > I would appreciate any suggestions.
    >
    > --
    > Paul

    Ramadass Guest

  4. #4

    Default Forms Authentication - Reporting Services Web Service integration

    Nice post. Here’s a tool to use to create and publish your report online in minutes, without coding.
    Scott Levy Guest

Similar Threads

  1. Replies: 0
    Last Post: August 30th, 06:57 PM
  2. Replies: 0
    Last Post: August 30th, 06:50 PM
  3. Windows XP Pro Service Pack 2 X Forms Authentication
    By Fabricio de Reuter Sperandio in forum ASP.NET Security
    Replies: 1
    Last Post: October 7th, 07:03 AM
  4. Forms Authentication- Browser / service Pack issues?
    By Larry in forum ASP.NET Security
    Replies: 2
    Last Post: July 30th, 06:52 AM
  5. Web Services and Forms Authentication Question
    By Chapman in forum ASP.NET Web Services
    Replies: 1
    Last Post: July 26th, 12:19 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139