Integrated Security on Reporting Services XML Datasource

I am working on setting up my report server to use a web service as an XML datasource. I seem to be having authentication issues between the web service and the report with I choose to use Integrated security. Here's what I have:

1) I have a website w/ an exposed service. This website is configured to run ONLY on Integrated Security. This means that we have all other modes turned off AND Enabled anonymous access turned off under directory security.

2) Within the Web.config of the website, I have the authentication mode set to Windows.

3) I have the report datasource set to being an XML data source. I have the correct URL to the service and have it set to Windows Integrated Security. Since I am making a hop from the Browser to the Reporting Server to the Web Service, I wonder if I am having an issue w/ Kerberos, but I am not sure.

When I try to access the service, I get a 401 error.

Here are the IIS logs that I am generating:

2011-01-07 14:52:12 W3SVC IP_ADDY POST /URL.asmx - 80 - IP_ADDY - 401 1 0 2011-01-07 14:52:1开发者_Python百科2 W3SVC IP_ADDY POST /URL.asmx - 80 - IP_ADDY - 401 1 5

Has anyone worked out this issue before? Thanks!

It does sound like you are experiencing the "double hop" issue. Is it possible to create an account on your web service that the reporting server uses explicitly instead of passing through the users credentials?

There's a simpler solution if you dont want to muck around with Kerberos... although the user experience is less desirable.

On the Data Source...If you check the "Credentials supplied by the user running the report" and the "Use as Windows credentials when connecting to the data source" then the user will be promoted to log in when they run the report. Since the credentials are being supplied to the SSRS server it's only a single hop from SSRS to the webservice... thus avoiding the double-hop NTLM authentication problem.

It's less user-friendly, though, since you have to log in to run the report.