For RS 2000 you can use web services. There is really no way using URL
integration to hide it from the source. You can hide it from the page being
displayed but if they go View, Source they will see it.
In VS 2005 there are two new controls that work with RS 2005. They use web
services under the covers, not URL integration. You do have to have RS 2005.
Note that you can upgrade to RS 2005 while leaving the database at 2000
(that is what I have done). You do need a SQL Server 2005 license for this
however.
My suggestion is if security is important then you use the new controls.
One other option, put the parameters in a database table and then pass the
primary key to the table and have a dataset extracting the parameters.
This does make things more complicated but it is a version independent
solution (if you can convince management to upgrade to RS 2005). Note what I
said about upgrading. Sometimes it is easier to get permission to upgrade
reporting services than it is to upgrade a SQL Server database.
--
Bruce Loehle-Conger
MVP SQL Server Reporting Services
[quoted text, click to view] "Mark" <Mark@discussions.microsoft.com> wrote in message
news:98599DF6-C0E8-418A-A573-8293EEE98E13@microsoft.com...
> I'm using Reporting Servicves for SQL Server 2000 and I've embedded a
> ReportViewer control in an ASP.NET page. The reports I link to all require
> a
> sensitive parameter value and I have been passing that through using the
> query string. Unfortunately, the entire URL of the report--including the
> parameter in the query string--is visible in the source for the page, and
> I
> don't want the user to see this for security purposes.
>
> Is there a way to hide this? I'm open to any and all suggestions.
>
> Thanks,
> Mark
