Friday, January 15, 2010

Sql Server reporting services and forms authentication - Part1

Till now, I know Sql Server reporting services supports only Windows authentication. And of course till now What I did for all clients is the same. The roles or access everything will define using the default report manager site and deploy that on the client environment. But, the current project I am working on is completely different and the main requirement is enabling forms authentication in the sql server reporting services. The story behind is, the client is running different applications based on the aspnetdb [Forms authentication]. So, they want us to run the report server using forms authentication based on the same database. So, how to achieve that? This was the question in my mind till last week. After done research about two days found some nice articles and the way to achieve that. So, I thought of explaining the research, analysis and the way we need to proceed in this article to my readers. So, if you have any requirement like this in future just go ahead and start the work in the same process as explained below. This Part1 describes all about understanding the concept.

To understand the concept:

Here you need to understand one thing that Reporting services in SQL server which comes by default only supports Windows Authentication. There is no default way to make it or turn on forms authentication. To do this, we need to make some custom configurations, changes to web.config and custom coding. But, nothing to worry. It's easy. :)

Reporting services are developed to be extensible. You can write your own extensions and deploy or integrate them to reporting services by making some changes to their config files. So, now we need to concentrate on what is a security extension? Before proceed we need to understand some key points:

  • Reporting services uses role-based security system to authorize users.
  • Security extension supported is based on an open and existing API.
  • Use custom defined authentication or forms authentication if any only if, you need to define different users and roles which is not based on windows accounts.
  • Read the security extension API in the documentation given in the above link. This has all the classes and interfaces defined to start coding.

Now, what is the security extension. "A Reporting Services security extension enables the authentication and authorization of users or groups; that is, it enables different users to log into a report server and, based on their identities, perform different tasks or operations."

So from this post I hope you understand what we need to do to enable forms authentication in reporting services.

1 comment:

  1. Thanks Praveen for posting this. But what needs to change in the SSRS report server and report manager config in order to work with a custom security extension like the one you describe?

    I need some help building one of these - can we hire you to help us?