Forms Authentication in SQL Server 2005 | SQL Server Performance Forums

SQL Server Performance Forum – Threads Archive

Forms Authentication in SQL Server 2005

Hello: I am migrating an application from SQL Server 2000 to 2005. The application uses Reporting Services to display all reports. Authentication is implemented using forms authentication. However, the user does not use the form to login when viewing the report. The user logs into our web application; then, when they access the report, we log them into Reporting Services using the LogonUser method of the Reporting Server web service. I have tried a number of strategies to migrate this application, so far unsuccessfully. I tried running the application as is, since the original web service ReportService.asmx is still there. I then tried implementing a new solution using the following link as an example: http://msdn2.microsoft.com/en-us/library/ms160724.aspx I have been working on this for quite some time and am not able to get the authentication/authorization working correctly for anyone other than the admin. Two problems I am having: The way the authentication is supposed to work is that I call the LogonUser method of the ReportServerProxy, which turns around and calls my custom implemented method LogonUser. LogonUser checks the application database to confirm the authentication, and returns true or false. I have put in debug code and verified this is working correctly. The GetWebResponse method of ReportServerProxy is supposed to intercept the response, capture the reporting server generated cookie, and pass it along as an HTTP cookie for later use. The problem I am having here is the method never gets called. This seems strange, since GetWebRequest is called, and I should get some kind of response, either way. The second problem I am having is when I get to my CheckAccess method. This method is supposed to pass along a user name (the person requesting access), the required operation, and a security descriptor indicating what object was accessed (in this case, a report) and who has access to it so I can make the decision on whether or not the user name has access. A comment in the code indicates that this security descriptor is supposed to be created by the CreateSecurityDescriptor method. The problem I am having is that the CreateSecurityDescriptor method is never called. When I get to the CheckAccess method, the security descriptor is null, indicating no one has access to the object in question. I have set up my solution on two different machines and encountered these same two problems. This would seem to preclude errors in the install process (ex. typos in the config files) or a corrupt internal component of SQL Server. Everything else about the process seems to be working fine. Has anyone encountered this problem before or knows what I should check for? Since these methods are supposed to be called by Reporting Services rather than my own code, I am at a loss as to what to check for to make sure they are called correctly. Thanks in advance for any guidance you can provide.
See this Technet posthttp://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=58604&SiteID=1 is any help, as it relates the subject. Satya SKJ
Microsoft SQL Server MVP
Writer, Contributing Editor & Moderator
http://www.SQL-Server-Performance.Com
This posting is provided AS IS with no rights for the sake of knowledge sharing. The greatest discovery of my generation is that a human being can alter his life by altering his attitudes of mind.
Satya, thanks for replying. Yes, this post does relate to what I’m trying to do. However, the only suggested fix (related to binary serializing) is not really related to my problem. The fix won’t help me because the function is never called; therefore nothing is there to serialize. Eric_bubu mentions that he has this same problem in about the 5th post down. The CreateSecurityDescriptor function does not get called. However, it seems for him that the problem just went away. It doesn’t describe a fix. If I had to hazard a guess, I would say that Reporting Services is getting crossed up somewhere about which authentication to use (Windows vs. Forms) which is why it is unable to create the security descriptor. However, I have checked all of the config files and RS configuration settings that I know of and they all seem to be configured correctly. That’s why I was so perplexed that the problem happened exactly the same on two different machines. I thought that if I did a fresh install on a different machine, any odd errors related to an internal corrupted file, etc. would go away. Let me know if there is anything else you can think of that I should check for, or if it sounds like I am off base.
I believe that is the only reference I was able to find on Technet, I suggest to explain your case to MS connect onhttp://www.connect.microsoft.com and you might have fix or contact CSS. In addition to this I don’t see anything else to suggest. Satya SKJ
Microsoft SQL Server MVP
Writer, Contributing Editor & Moderator
http://www.SQL-Server-Performance.Com
This posting is provided AS IS with no rights for the sake of knowledge sharing. The greatest discovery of my generation is that a human being can alter his life by altering his attitudes of mind.
Thanks for the link. I have posted a question to this site. I will let you know if I hear anything interesting.
]]>