I have a web application that uses forms authentication.
Ideally I would like to be able to make some reports from my Reporting Services server available BUT I would also like to be able to pass authentication data through as I would like the reports available to be dictated by who the user is and the roles that they have within the application.
So for example if I have user A and user B then there are some reports that only user A will want to be able to see and some that only user B will want to see
There are also some reports that will vary the data according to who the user is e.g. user A will want to see their data only and User B will want to see their data only but on the same report
Is this possible? If anyone has any suggestions on where I can look to find out how to do this I would be grateful
thanks
steveI'd suggest doing the authentication before ever getting over to the reporting services server. Let the application control which reports each person can see based on their authorization in the application. Hopefully you will already have this information available, and if not it should not be hard to add.
And... even though it is more work now I'd also consider streaming the reporting services data back from the reporting services server to your application. Your server builds all of the correct parms including user specific required information, passes the request to the reporting services server, it processes the report data and comes back with a report, the report is streamed back to your application which displays it in a web browser or makes it available for download.|||
Thanks Patrick
The authorization information is available as you suggest.
I'm not sure I'm absolutely clear on what you mean bystreaming the reporting services data back. Do you mean some sort of HTTP handler or web service call? Ideally I would like something fairly simple that maintained much of the functionality of Reporting Services - particularly the ability to subscribe and to have different output formats
steve
I know reporting services can restrict report view by userids anddomains,but that is all configured on the reporting services side atthe report and the report folder level. The way that comes to mindfirst doing what you are talking about (passing credentials at reportrun time) is to have the report at a high level look at what is beingpassed and conditionally hide the page.
One thing I don't understand - how will somebody ever haveauthorization to see a report is even available if they are notauthorized to view it? Shouldn't you not even make the option availableto them? Display a report list for the current user, but that list is asubset of ALL of the reports available. They only see what they cantruly get to. I don't have your original post in front of me so I don'tknow if you have some restriction that prevents that. But that routeseems to be the best long term solution for anyone that is planning onusing reporting services and wants authentication.
FYI... in VS2005 there is a control you can put in your applicationthat looks/feels just like the reporting services website. So it willbe easier to stream reports back while keeping alot of thefunctionality.
|||Thanks patrick
steve|||My pleasure. I can't believe I was actually able to help somebody.
Report back with what you finally do and how it worked. I am interestedin seeing your solution and the code that goes along with it.
|||OK, no problems but don't hold your breath it may take a while
steve
No comments:
Post a Comment