Many Reporting Services administrators ask me
if we can enable anonymous authentication to access Reporting Services over the
Internet. The answer is: it depends on SQL Server version.
Before SQL Server 2005, Reporting Services had
integration with Internet Information Services (IIS). This integration allowed
that the Reporting Services users were configured directly by IIS, allowing in
this case that the user authentication were anonymous. In this case, an
authentication in Reporting Services is not required to access its reports.
However, since SQL Server 2008, this
integration with IIS no more exists, and the configuration of Reporting
Services users can now be done directly through Reporting Services. And in this
case, anonymous authentication is not possible, as the only possible form of
authentication to Reporting Services is through Forms Authentication.
Nevertheless, even using Forms Authentication,
there is still a way to avoid the user to enter the username and password to
access Reporting Services. The solution would be to develop a distinct
application accessed from the Reporting Services home page. In Visual Studio,
this access can be done using the ReportViewer control. When loading this
application, a fixed username and password would perform integrated
authentication to Reporting Services, enabling access to reports. However, these
user permissions must be set with caution because a misconfigured permission
could open security holes in the reports.
More
information in the articles below:
- Authentication Types in Reporting Services: http://technet.microsoft.com/en-us/library/cc281310(v=sql.100).aspx
- Anonymous access in SQL RS 2008: http://blogs.msdn.com/b/jameswu/archive/2008/07/15/anonymous-access-in-sql-rs-2008.aspx
- Configuring Authentication for Reporting Services: http://msdn.microsoft.com/en-us/library/bb283249(v=sql.90).aspx
- How to: Configure Custom or Forms Authentication in Reporting Services: http://msdn.microsoft.com/en-us/library/cc281383(v=sql.100).aspx
- ReportViewer Controls (Visual Studio): http://msdn.microsoft.com/en-us/library/ms251671.aspx
- IReportServerCredentials Interface: http://msdn.microsoft.com/en-us/library/microsoft.reporting.webforms.ireportservercredentials(v=vs.100).aspx
No comments:
Post a Comment