How to pass credentials to reportviewer in WPF application SSRS 2008
https://stackoverflow.com/questions/9921350
-
27-05-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian質問
I am using ReportViewer to show the reports on my windows WPF application using .Net 4.0. These reports are deployed on a separate SSRS 2008 report server and not the local machine. Right now, I am passing the credentials of the server in the following manner:
string userName = configClient.Settings.Get("UserName").Value.ValueXml.InnerText;
string password = configClient.Settings.Get("Password").Value.ValueXml.InnerText;
string domain = configClient.Settings.Get("Domain").Value.ValueXml.InnerText;
IReportServerCredentials irsc = new ReportViewerCredentials(userName, password, domain);
_reportViewer.ServerReport.ReportServerCredentials.NetworkCredentials = irsc.NetworkCredentials;
Also, I am using the following settings with the ReportViewer if it is of any use:
_reportViewer.ProcessingMode = ProcessingMode.Remote;
_reportViewer.ShowParameterPrompts = false;
_reportViewer.ServerReport.ReportServerUrl = new Uri(Properties.Settings.Default.ReportServer);
_reportViewer.ServerReport.ReportPath = Properties.Settings.Default.Reports;
I am using the config file to save and retrieve the credentials for the server access, but I do not think this is a secure way of doing it. I would like to implement this in a secure way where I do not need to take the credentials from the user or from the config file. Both the local machine and the server would be on the same network.
I am not sure how to do it, can this be done through impersonation, I am just guessing as I do not have much idea about security and impersonation. Also, if it can be done, can I get a sample or may be a link to an article through which I can get this done.
The core idea is to avoid storing the username and password on the client. I searched for solution but what I got was very vague in nature.
Please do not close this thread as it is an open question, but it is important for me, as I am approaching deadline and working on too many things at a time. Sorry for inconvenience caused if any.
解決
I have found a way to not pass the credentials at all and still be able to retrieve the reports from the Reports Server, but not without help.
I have configured a new Role assignment in the Report Manager using the URL http://localhost/Reports/Pages/Folder.aspx. Go to Properties tab, and add a New Role Assignment and add Everyone and provide the required right to it.
This way, I would not need to pass any credentials from the client for the ReportViewer. Also, it can be used to configure the access for a selected users.
