Harden MS Reporting Services Using Custom Extensions
An incredibly flexible extensibility model is included with Microsoft Reporting Services and hammering down a custom security model is one smart way to take advantage. Shore up your implementation with forms authentication and role membership.
by Teo Lachev
January 13, 2005
ne of the most useful features of Microsoft Reporting Services is its extensibility model. Just about any aspect of Reporting Services can be custom-tailored to meet your specific requirements. Part one of this two-part series explains how to replace the default Windows-based security model of Reporting Services with forms authentication security. First, you'll learn the ropes of implementing forms authentication security and how you can leverage it for Web-based reporting. Then you'll enhance the form's authentication extension by adding role-membership features to simplify the security maintenance.
With Reporting Services (referred as RS for short through the rest of this article), your reports are Web-enabled by default. Once a report is deployed to the report server, it can be requested in one of two ways:
URL addressability: The report is requested by submitting an HTTP-GET request to the report server. In its simplest implementation, URL addressability can be initiated by clicking on a static hyperlink in which the report URL has been embedded. For example, to request the sample customer orders report, the hyperlink can be set as follows:
http://<ComputerName>/ReportServer?/<FolderPath>/Customer Orders, where
ComputerName specifies the machine name where the report server is installed. FolderPath specifies the full folder path where the report is deployed.
The RS Web service is where the report is requested by submitting SOAP request to the RS Web service.
What follows is a discussion of how both options stack against each other.
It's quick, easy and you get access to all the articles on DevX.
This registration/login is to allow you to read articles on devx.com. Already a member?
To become a member of DevX.com create your Member Profile by completing the form below. Membership is free!
ne of the most useful features of Microsoft Reporting Services is its extensibility model. Just about any aspect of Reporting Services can be custom-tailored to meet your specific requirements. Part one of this two-part series explains how to replace the default Windows-based security model of Reporting Services with forms authentication security. First, you'll learn the ropes of implementing forms authentication security and how you can leverage it for Web-based reporting. Then you'll enhance the form's authentication extension by adding role-membership features to simplify the security maintenance.
