I am trying to implement some custom security code in SSRS 2008 (and not R2) in order to enable forms authentication instead of Windows authentication. I based my decision on a sample of Microsoft code and managed to get most of it working perfectly fine. The only area where problems occur is logging into the actual URL of Report Manager.
Problem 1 When using the URL http://localhost/Reports_MSSQL2008/ it does not raise the UILogon.aspx page that I copied to the /Pages folder (as indicated in the Microsoft example). I changed the web.config file in the ReportManager folder to contain the following:
<authentication mode="Forms"> <forms loginUrl="UILogon.aspx" name="sqlAuthCookie" timeout="60" slidingExpiration="true" path="/" /> </authentication>
I tried changing the path to match the exact path to the aspx file, but still no joy!
Problem 2 Because of the above, I tried to just get into UILogon and ReportManager via the URL, http://localhost/Reports_MSSQL2008/Pages/UILogon.aspx . This works in that I can enter my code (UILogon.aspx.cs and IAuthorisation / IAuthentication code), and I see that it does the following:
- user authentication / authorization
- cookie creation
- saving cookie (sqlAuthCookie) in response / request cookie container
- executing response.redirect on the /Folder.aspx page
The problem is that when response.redirect returns to the GetUserInfo () method, HttpContext.Current.User is null and the cookie no longer exists. Because of this, the null IIdentity value is returned (perhaps it was configured for something else!), And SSRS gives an error ...
Microsoft.ReportingServices.Diagnostics.Utilities.AuthenticationExtensionException:
The authentication extension raised an unexpected exception or returned an invalid value: identity == null.
For information - when I run Report Builder / Visual Studio bi proj / web service url, it does exactly what I need and works fine ... it's just the report manager that causes the problem.
source share