开发者

Deploy Reporting Services to Web Securely

I've build an asp.net site with a report viewer control that displays reports hosted on our reporting services report server. Everything works great. But now I need to do the same thing with a public facing site, where I'll need to access my report server through the firewall.

My question is: How do I lock this down to make sure that the end user can only access certain reports?

I think that all I need to do is make sure my IIS, in my DMZ, can talk to the report server. But, I think I'll need to impersonate a user that only has access to the reports I want to make available. On the other hand, if my report server is only accessible from the DMZ, then I won't need to worry about the end user directly connecting to the report server. I seems like any report I want to serve to the outside world just needs to be accessible by the default ASPNET account? I hoping someone can confirm my spec开发者_C百科ulation or tell me where I'm wrong.


I had this problem too. What I had to do was make sure that each report takes a parameter from the application. If your authenticated users have an role through a role provider, and public users do not, you could pass the role as a parameter to the report through the application. That way if a user is not authenticated, the parameter will be null, and the report will not execute.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜