Forms Authentication - Reporting Services Web Service integration

[Paul Keegstra]

I am working on an asp.net application which requires forms authentication as
the method for authenticating the web application using the underlying Active
Directory as the user store.

I have created my Forms Authentication process using the methods described
in some MSDN samples and that works just great.

The question/issue I have is this process results in the creation of a forms
authentication ticket and setting of the Context.User to a GenericPricipal
object. Now, another part of the application needs to run reports that are
defined in SQL Server Reporting Services by integrating the solution via the
reporting services web service (vs. a URL link).

In my code to invoke the web service, I have to set the credentials on the
reporting services web service object to something other than
system.net.credentialcache.defaultcredentials or I end up with the
credentials from the aspnet service account. I've tried setting <identity
impersonate="true" /> in my web.config but that didn't do it. I can get it
working if I set my credentials to a new instance of the network credentials
class:

rs.credentials = new
system.net.NetworkCredentials("username","password ","domain").

Unfortunately, I can only seem to make this work by hardcoding the username,
password, and domain.

Is there any way to map a GenericPrincipal instance's properties to create a
valid NetworkCredentials instance? That seems to be the solution I need, but
I can't retrieve the password from the GenericPrincipal nor can I get it from
the FormsAuthenticationTicket (unless you have some suggestion in that
regard).

I would appreciate any suggestions.

--
Paul

[Patrick Olurotimi Ige]

Paul i guess since ur forms Auth is using Active Directory ..Reporting
services(security) should be integrated since its on the same Domain and
i guess ur IIS is member of the domain too...

I believe <identity impersonate="true" />(impersonating the USER should
be able to carry the users TOKEN across applications)
should work for you too..

The only thing is that Forms Auth must have Anonymous Access clicked
b-cos of the cookies used..

Can you pls explain ur scenario again..
Patrick


*** Sent via Developersdex [url]http://www.developersdex.com[/url] ***
Don't just participate in USENET...get rewarded for it!

[Ramadass]

The credentials in the CredentialCache and the Principal objects are not
directly compatible( at least i couldnt get my Principal to translate into
Network credentials). What you could do is use security features in the web
service. If you are using WSE 2.0, then you could send the username and
password via the username token and validate the user at the reporting
service, using these credentials.
Hope this helps
Ramadass


"Paul Keegstra" <PaulKeegstra@discussions.microsoft.com> wrote in message
news:54CC434B-AE9F-4159-8876-20FC10FB0360@microsoft.com...

> I am working on an asp.net application which requires forms authentication

as

> the method for authenticating the web application using the underlying

Active

> Directory as the user store.
>
> I have created my Forms Authentication process using the methods described
> in some MSDN samples and that works just great.
>
> The question/issue I have is this process results in the creation of a

forms

> authentication ticket and setting of the Context.User to a GenericPricipal
> object. Now, another part of the application needs to run reports that

are

> defined in SQL Server Reporting Services by integrating the solution via

the

> reporting services web service (vs. a URL link).
>
> In my code to invoke the web service, I have to set the credentials on the
> reporting services web service object to something other than
> system.net.credentialcache.defaultcredentials or I end up with the
> credentials from the aspnet service account. I've tried setting <identity
> impersonate="true" /> in my web.config but that didn't do it. I can get

it

> working if I set my credentials to a new instance of the network

credentials

> class:
>
> rs.credentials = new
> system.net.NetworkCredentials("username","password ","domain").
>
> Unfortunately, I can only seem to make this work by hardcoding the

username,

> password, and domain.
>
> Is there any way to map a GenericPrincipal instance's properties to create

a

> valid NetworkCredentials instance? That seems to be the solution I need,

but

> I can't retrieve the password from the GenericPrincipal nor can I get it

from

> the FormsAuthenticationTicket (unless you have some suggestion in that
> regard).
>
> I would appreciate any suggestions.
>
> --
> Paul

[Scott Levy]

Nice post. Here’s a tool to use to create and publish your report online in minutes, without coding.