ASP.NET adding Authentication to Report Handler
https://stackoverflow.com/questions/12617019
-
04-07-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I've got a Active Reports Handler configured on my website so that i can open the Report directly over a link e.g.
http://localhost/Report.rdlx?OutputFormat=pdf
The problem now of course is that there is no authentication so that everyone can call this link.
How can I add authentication check to this handler?
I am using Forms authentication, preferably I'd like to also check if the user is in a certain role, but would be happy with IsAuthenticated check - so that the user at least has to be logged in to see the report.
I tried to build a "reverse proxy" route handler (I'm using MVC) that returns the response from the report URL only if the user is authenticated. But this doesn't solve the problem since the "original" URL is still exposed.
Any Ideas?
Solution
You can still use the ASP.NET authorization control, meaning you can limit access to that location in the web.config file http://support.microsoft.com/kb/316871
