none
Issue with ReportViewer 10.0 using Custom Credentials and IIS integrated mode RRS feed

  • Question

  • Hi
    We are experiencing a problem with the reportviewer 10.0 when trying to use custom credentials. For almost a year now we have been using the report viewer 10 in our solution with an implementation of custom credentials which have been working fine running in IIS 7 classic mode.

    Recently we have tried to switch over to running the web app in IIS 7 integrated mode, but now the report viewer is broken. When the report viewer loads we get a message like this: "Safe handle has been closed". Basicly our app uses windows authentication and our custom credentials implementation uses impersonation when running the reportviewer.

    The implementation of the custom credentials can be seen here: 

    using System;
    using System.Net;
    using System.Security.Principal;
    using System.Web;
    using Microsoft.Reporting.WebForms;
    
    namespace MyReports.Credentials
    {  
      [Serializable]
      public class CustomReportCredentials : IReportServerCredentials
      {  
        public bool GetFormsCredentials(out Cookie authCookie, out string userName, out string password, out string authority)
        {
          authCookie = null;
          userName = null;
          password = null;
          authority = null;
    
          return false;
        }
        
        public WindowsIdentity ImpersonationUser
        {
          get
          {
            return HttpContext.Current.User.Identity as WindowsIdentity;
          }
        }
        
        public ICredentials NetworkCredentials
        {
          get { return null; }
        }    
      }
    }
    

     Our web app uses the trusted subsystem security model so all external resources are accessed using the identity of the app pool. But when accessing reports we want to Impersonate the user so the report only shows data which the user has access to. All is working fine running under IIS classic mode, but when using the above code and running in IIS integrated mode the report does not work.

    I've read almost everything on the msdn documentation for the Report Viewer and also Brian Hartman's blogs posts about implementing custom credentials, but no luck.

    I also have a simple repro web app which clearly shows that it works under classic mode but not under integrated mode.

    Hope to get lucky here before running after Microsoft Support.

    Monday, February 14, 2011 9:27 AM

Answers

  • I just experienced the same problem.

    I solved it by specifying the ReportViewerServerConnection setting in app settings:

    <add key="ReportViewerServerConnection" value="BisPortal.Web.ImpersonatedReportServerConnection, BisPortal.Web"/>

    The ImpersonatedReportServerConnection class looks like this.

    public sealed class ImpersonatedReportServerConnection : IReportServerConnection2
    {
     public bool GetFormsCredentials(out Cookie authCookie,
        out string userName, out string password,
        out string authority)
     {
      authCookie = null;
      userName = null;
      password = null;
      authority = null;
    
      // Not using form credentials
      return false;
     }
    
     public WindowsIdentity ImpersonationUser
     {
      get
      {
       return HttpContext.Current.User.Identity as WindowsIdentity;
      }
     }
    
     public ICredentials NetworkCredentials
     {
      get { return null; }
     }
    
     public Uri ReportServerUrl
     {
      get
      {
       return new Uri(BISAppSetting.ReportServerURL);
      }
     }
    
     public int Timeout
     {
      get
      {
       return 60000; // 60 seconds
      }
     }
    
     public IEnumerable<Cookie> Cookies
     {
      get
      {
       // No custom cookies
       return null;
      }
     }
    
     public IEnumerable<string> Headers
     {
      get
      {
       // No custom headers
       return null;
      }
     }
    }
    
    

    Maybe this is a bug in ReportViewer?

    /Joakim

    Monday, March 7, 2011 3:15 PM

All replies

  • Do you have the following entry in you web.config, if no add it and see if that fixes the issue:

    <system.webServer>
        <handlers>
          <add name="ReportViewerWebControlHandler" preCondition="integratedMode" verb="*" path="Reserved.ReportViewerWebControl.axd" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
        </handlers>
    </system.webServer>

    Matt M.


    This posting is provided "AS IS" with no warranties, and confers no rights

    Monday, February 14, 2011 11:37 PM
  • Hi Matt

    We have the handler registered in the system.webServer tag. The same as your example, so that's not the issue.

    Tuesday, February 15, 2011 7:19 AM
  • I just experienced the same problem.

    I solved it by specifying the ReportViewerServerConnection setting in app settings:

    <add key="ReportViewerServerConnection" value="BisPortal.Web.ImpersonatedReportServerConnection, BisPortal.Web"/>

    The ImpersonatedReportServerConnection class looks like this.

    public sealed class ImpersonatedReportServerConnection : IReportServerConnection2
    {
     public bool GetFormsCredentials(out Cookie authCookie,
        out string userName, out string password,
        out string authority)
     {
      authCookie = null;
      userName = null;
      password = null;
      authority = null;
    
      // Not using form credentials
      return false;
     }
    
     public WindowsIdentity ImpersonationUser
     {
      get
      {
       return HttpContext.Current.User.Identity as WindowsIdentity;
      }
     }
    
     public ICredentials NetworkCredentials
     {
      get { return null; }
     }
    
     public Uri ReportServerUrl
     {
      get
      {
       return new Uri(BISAppSetting.ReportServerURL);
      }
     }
    
     public int Timeout
     {
      get
      {
       return 60000; // 60 seconds
      }
     }
    
     public IEnumerable<Cookie> Cookies
     {
      get
      {
       // No custom cookies
       return null;
      }
     }
    
     public IEnumerable<string> Headers
     {
      get
      {
       // No custom headers
       return null;
      }
     }
    }
    
    

    Maybe this is a bug in ReportViewer?

    /Joakim

    Monday, March 7, 2011 3:15 PM
  • I just tried the solution, and have actually read it on msdn before, but did not try it out, since we currently set our custom ReportCredentials and ReportServerUrl value in the Page.Load event.

    After some more debugging it seems that all property values set on the report viewer is ignored when a postback occurs, probably because postbacks are handled by a custom HttpHandler. It makes sense that the config solution works since both pages and custom httpHandlers use the same config.

    Our solution will be to register our custom connection in web.config and in the implementation of the IReportConnection we dynamically get the ReportServerUrl  we need (from session or something), which is what we currently do in the Page.Load event.

    Thank you for the answer Joakim

    Tuesday, March 8, 2011 8:24 AM