none
Web parts and permissions for the reporting database RRS feed

Answers

  • I found a way to make it work using the PSecurity.RunWithElevatedPrivileges when executing calls to the DB.
    Id
    • Marked as answer by I D Thursday, April 7, 2011 11:32 AM
    Thursday, April 7, 2011 11:32 AM

All replies

  • Hi ID,

    I think you have created your own custom web service which is fetching the data from RDB(using a connection string to RDB) and you consuming this web service in your web part.

    Correct me if I am wrong.

    For fetching data from RDB(impersonation is not necessary), you can pass user-id and password in your connection string of a user which have atleast read permission on RDB  for your custom web service.

    Then just populate your data in grid and after that just deploy your web part to PWA site.

    Please let to know the users to add that web part in page, so whosoever add this web part, it will query the data base with the account which you specified in your connection string only.

    So for detailed explanation on how to develop and deploy web parts for PS 2010, Please have a look on below articles

    Developing Project Server Web Parts.

    Deploy WebPart

    http://technet.microsoft.com/en-us/library/cc261736.aspx

     

     


    Sachin Vashishth MCTS
    Tuesday, March 29, 2011 11:42 AM
  • Sachin,

    thanks for the reply. You are correct. Since the web part will be installed on many diffrenet installation of MS-Project 2010, I can't hardcode the user/pass connecting to the RDB. In the project web app, the web parts (the list of projects for example) retrieve data from the databases (either through the PSI or direct connection to the db). As far as I know, they do it without impersonation. Is there a way I can do the same? I don't want to force the administrator to enter user/pass in the web part configuration.

     

     


    Id
    Tuesday, March 29, 2011 12:52 PM
  • Hi ID,

    If you dont want to hard code the user/pass then you can use "Intergrated Security" in your connection string. It will take current Windows account credentials for authentication in Data base.

    eg:

    Data Source=Server1;Initial Catalog=DB1;Integrated Security=SSPI;

    As you said in your post, that you have to deploy this web part in different environments, 

    For this I'll suggest you create to a CAB file for deploying it in different installations.

    Note: Any thing which I have misunderstood please let me know.


     

     


    Sachin Vashishth MCTS
    Tuesday, March 29, 2011 1:38 PM
  • Sachi,

    Again, thanks for the reply. If I use the intergrated security option then as you wrote it will use the user credentials which most of them don't have access permissions to the RDB. I need to somehow use the same option the default web parts of MS-Projects use ( I'm guessing a default user configured somewhere).

     

     


    Id
    Tuesday, March 29, 2011 1:45 PM
  • Hi ID,

    Let me correct you here, it will take the credential of user which have logged on to application server where your web application reside(most probably farm admin  which have full access on RDB) because you will install your web part at your application server only.

    It will never take the credential of those users which are using or adding this web part in their page.

    So kindly have look on below article also

    Deploy WebPart

    http://technet.microsoft.com/en-us/library/cc261736.aspx

    http://mstecharchitect.blogspot.com/2009/11/creating-deploying-sharepoint-2010.html


    Sachin Vashishth MCTS
    Tuesday, March 29, 2011 2:07 PM
  • Sachin,

    I've tried using the connection string you wrote but again I'm getting an error that the logged in user (the user who watch the web part) doesn't have permissions to the DB. BTW when I call the PSI extension I have to use impersonation for some other functions.


    Id
    Thursday, March 31, 2011 8:30 AM
  • Hello ID,

    Please let me know the steps you have used to deploy your web part on the application.?


    Sachin Vashishth MCTS
    Thursday, March 31, 2011 9:42 AM
  • Sachin,

    I'm using powershell script to deploy the WP:

    Add-SPSolution -LiteralPath $SolutionPath

    Install-SPSolution $solutionName -GACDeployment -allwebapplications

    where $SolutionPath is the path to the wsp file (including the wsp extension) and the $solutionName  is the solution name.


    Id
    Thursday, March 31, 2011 11:01 AM
  • Hi ID,

    Please go through with "setting security attributes" , "safe control list" and "add a component to web part gallery" from following link

    http://technet.microsoft.com/en-us/library/cc261736.aspx

    This link can help you to resolve your issue.
    Sachin Vashishth MCTS
    Thursday, March 31, 2011 1:59 PM
  • I had the exact same problem before and the company I work for won't let any connection to the sqlserver machine except the one from epm server, so the PSI extension wouldn't help. I ended up writing a WCF service (same as the PSI) but hosted within a windows service. So I can fetch all information needed from the reporting database with one service account. I use that service for all operations needed outside of pure PSI calls.

    Hope this helps

    Thursday, March 31, 2011 2:48 PM
  • I found a way to make it work using the PSecurity.RunWithElevatedPrivileges when executing calls to the DB.
    Id
    • Marked as answer by I D Thursday, April 7, 2011 11:32 AM
    Thursday, April 7, 2011 11:32 AM