Answered by:
C# Authenticate to SSRS Report Server using Report Viewer

Question
-
User1711051787 posted
Hello
Currently, from C# I am using Report Viewer to launch an instance of an SSRS report using Microsoft WebForms
My ASP.NET application is hosted on IIS; the SSRS report is hosted on a different server
To authenticate from IIS to the report server, in my c# app I have:
ReportViewer1.ServerReport.ReportServerCredentials = new ReportServerCredentials("username", "pwd", "domain");
This works but not a good solution; the password expires, and for other reasons.
I would like to switch to using the IIS App Pool Identity, which I can get to using:
System.Net.CredentialCache.DefaultCredentials
However, these are Icredentials; SSRS uses IReportCredentials
How can I solve for using the IIS App pool identity to authenticate to SSRS report server?
Thanks
Monday, July 11, 2016 3:54 PM
Answers
-
User-2057865890 posted
Hi F A,
If you web application is using forms authentication, then simply doing the following will likely work: System.Net.CredentialCache.DefaultCredentials
However, if you are using windows authentication for the web site, the above will instead pass along the identity of the currently logged in windows user, instead of the application pool identity, which may not be what you want. Take a look at this thread.
Best Regards,
Chris
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Saturday, July 23, 2016 2:43 AM
All replies
-
User1711051787 posted
I have tried this
SSRSReportViewer.ServerReport.ReportServerCredentials.NetworkCredentials= System.Net.CredentialCache.DefaultCredentials
Both are of type ICredentials
But NetworkCredentials propery is read only, so this does not work
The class ReportServerCredentials has been implemented like belowpublic class ReportServerCredentials : IReportServerCredentials
{
private string reportServerUserName;
private string reportServerPassword;
private string reportServerDomain;public ReportServerCredentials(string userName, string password, string domain)
{
reportServerUserName = userName;
reportServerPassword = password;
reportServerDomain = domain;
}
public WindowsIdentity ImpersonationUser
{
get
{
// Use default identity.
return null;
}
}public ICredentials NetworkCredentials
{
get
{
// Use default identity.
return new NetworkCredential(reportServerUserName, reportServerPassword, reportServerDomain);
}
}
public void New(string userName, string password, string domain)
{
reportServerUserName = userName;
reportServerPassword = password;
reportServerDomain = domain;
}public bool GetFormsCredentials(out Cookie authCookie, out string user, out string password, out string authority)
{
// Do not use forms credentials to authenticate.
authCookie = null;
user = null;
password = null;
authority = null;return false;
}
}
}Monday, July 11, 2016 4:19 PM -
User-2057865890 posted
Hi FA,
You could try getting the user information from the Web.config file. Take a look at IReportServerCredentials Interface.
using System; using System.Data; using System.Configuration; using System.Net; using System.Security.Principal; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using Microsoft.Reporting.WebForms; public partial class _Default : System.Web.UI.Page { protected void Page_Init(object sender, EventArgs e) { ReportViewer1.ServerReport.ReportServerCredentials = new MyReportServerCredentials(); } } [Serializable] public sealed class MyReportServerCredentials : IReportServerCredentials { public WindowsIdentity ImpersonationUser { get { // Use the default Windows user. Credentials will be // provided by the NetworkCredentials property. return null; } } public ICredentials NetworkCredentials { get { // Read the user information from the Web.config file. // By reading the information on demand instead of // storing it, the credentials will not be stored in // session, reducing the vulnerable surface area to the // Web.config file, which can be secured with an ACL. // User name string userName = ConfigurationManager.AppSettings ["MyReportViewerUser"]; if (string.IsNullOrEmpty(userName)) throw new Exception( "Missing user name from web.config file"); // Password string password = ConfigurationManager.AppSettings ["MyReportViewerPassword"]; if (string.IsNullOrEmpty(password)) throw new Exception( "Missing password from web.config file"); // Domain string domain = ConfigurationManager.AppSettings ["MyReportViewerDomain"]; if (string.IsNullOrEmpty(domain)) throw new Exception( "Missing domain from web.config file"); return new NetworkCredential(userName, password, domain); } } public bool GetFormsCredentials(out Cookie authCookie, out string userName, out string password, out string authority) { authCookie = null; userName = null; password = null; authority = null; // Not using form credentials return false; } }
Best Regards,
Chris
Tuesday, July 12, 2016 3:17 PM -
User1711051787 posted
Thank-you but I am not sure I understand - I am trying to get credentials from the IIS app pool identity
This gets me the IIS credentials: System.Net.CredentialCache.DefaultCredentials
but how to assign to the Report Viewer object?
Sorry, We cannot store the username/password in a web config
Tuesday, July 12, 2016 4:05 PM -
User-2057865890 posted
Hi F A,
If you web application is using forms authentication, then simply doing the following will likely work: System.Net.CredentialCache.DefaultCredentials
However, if you are using windows authentication for the web site, the above will instead pass along the identity of the currently logged in windows user, instead of the application pool identity, which may not be what you want. Take a look at this thread.
Best Regards,
Chris
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Saturday, July 23, 2016 2:43 AM