Avoid double login in SSRS authentication (with an ASP.NET application) RRS feed

  • Question

  • Hello,

    I've an ASP.NET web application with IIS 6.2 configured to authenticate users with forms authentication. In this web application there is an iframe to show the RDL reports with ReportViewer. I've the ASP.NET application and the ReportServer instance on the same server.

    The form authenticates the user against a web service, but if it fails, it tries to do it with the local Active Directory. In both cases the user is being logged within the local server using the LogonUser function of the ADVAPI32.dll library. If everything is ok, i receive a token that I use to impersonate the current user before I make the call to the Report Viewer.

    The problem I have is that the SSRS authentication is Windows Authentication and it ask me the credentials again. I really don't know how to pass the logged user from the the ASP.NET application  with forms authentication to a SSRS Windows authentication instance without the need of a double login.

    Please, can you give me some guidance? I'm not very good with this kind of issues, so don't hestitate to ask anything it could be unclear.


    Tuesday, June 20, 2017 2:02 PM

All replies

  • Hi lucaslober,

    Based on my research, you could try to disable anonymous authentication and activate Windows authentication on IIS to see whether it works or not.

    - select your web application (or root if you app is place as root app)

    - select Authentication

    disable Anonymous Authentication

    - enable Windows Authentication

    Or in the web.config file:

    <authentication mode="Windows" />
    <identity impersonate="false" />
    <deny users="?" />

    In addition, did you set  forms authentication ticket timed out? If so, please increase time in ticket time out. You can refer to Troubleshooting Forms Authentication  and SSRS 2012 Forms Authentication for details.

    By the way, If you use integrated windows authentication for the SSRS, we don't need to pass credentials to the Report Manager site. It will automatically check if the current users' windows account have permission to access the report site. For passing credentials to SSRS in your web application, you could try to share Forms Authentication cookies in SQL Server Reporting Services with your web application. For more information related to it, please refer to: Sharing Forms Authentication cookies in SQL Reporting Services for details. 

    If you have any question, please feel free to ask.

    Best regards,


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Wednesday, June 21, 2017 5:44 AM
  • Thank you very much for your fast response.

    If I configure the ASP.NET web application to authenticate via Windows Authentication with Impersonation the double login is not needed and the Report Manager uses the currrent login user.

    The problem is that I need to use Forms Authentication in the ASP.NET application because I have to authenticate the users through a web service and I can't change that. In the other side, I've the authorization in the Reporting Services configured with local users using Windows Authentication.

    So, somehow, I've to pass the the logged in credentials from a Forms Authentication ASP.NET application to the Windows Authentication SSRS application. I think this can be done by passing the authentication token using cookies or the sesison state but I'm testing everything and it does not work.

    Thanks in advance.

    Best Regards

    Wednesday, June 21, 2017 8:45 AM
  • Hi Lucaslober,

    If you have found a solution for creating a cusom login page with Windows authentication where a user logs in and is redirected to SSRS and login persists, would you please mind sharing the solution?

    Did you perhaps find a workaround?

    Thanks in advance

    Friday, August 31, 2018 11:32 AM