Deploy Reporting Services to Web Securely

I've build an asp.net site with a report viewer control that displays reports hosted on our reporting services report server. Everything works great. But now I need to do the same thing with a public facing site, where I'll need to access my report server through the firewall.

My question is: How do I lock this down to make sure that the end user can only access certain reports?

I think that all I need to do is make sure my IIS, in my DMZ, can talk to the report server. But, I think I'll need to impersonate a user that only has access to the reports I want to make available. On the other hand, if my report server is only accessible from the DMZ, then I won't need to worry about the end user directly connecting to the report server. I seems like any report I want to serve to the outside world just needs to be accessible by the default ASPNET account? I hoping someone can confirm my spec开发者_C百科ulation or tell me where I'm wrong.

I had this problem too. What I had to do was make sure that each report takes a parameter from the application. If your authenticated users have an role through a role provider, and public users do not, you could pass the role as a parameter to the report through the application. That way if a user is not authenticated, the parameter will be null, and the report will not execute.