SSRS / SiteMinder integration


SSRS / SiteMinder integration wdthem NO[at]SPAM gmail.com
6/14/2006 6:47:10 AM
sql server reporting services:
Has anyone integrated SiteMinder with SQL Server Reporting Services
2005? I've seen one post so far, but it hasn't helped much.

What I am trying to do is this:

When the user visits the http://<servername>/Reports URL, they should
receive a Basic auth prompt initiated by SiteMinder. This would then
pass the authenticated user name into the Forms auth extension code
provided by Microsoft and continue the log in.

As a first step, I am simply having the Basic auth prompt appear, and
then take you to the login form provided in the sample for Forms auth -
so you enter credentials twice.

It is important to note that I have both /Reports and /ReportServer
root URIs protected by SiteMinder.

My problem is that after I log in to the Reports Manager (the Basic
auth prompt and then the Forms prompt), I get an HTTP 401: Unauthorized
message from the application itself (not an Internet Explorer-generated
error). I've traced this quite a bit, and it seems to come down to the
fact that the /Reports application accesses /ReportServer via a web
service call. So, since everything under /ReportServer is also
SiteMinder protected, it is not authorized to make the call and it
fails. (Note: I proved this because if I unprotect /ReportServer in
SiteMinder and leave /Reports protected, things work again)

It would seem that the solution to this would be a matter of passing
the SiteMinder SMSESSION cookie received after logging into /Reports
along with the web service request to /ReportServer. The Forms auth
extension code from Microsoft already has functions that override the
GetWebRequest and GetWebResponse functions in order to pass the
sqlAuthCookie around with the web service. So I thought cool. I just
added code to these as follows:

Protected Overrides Function GetWebRequest(ByVal uri As Uri) As WebRequest
    Dim request As HttpWebRequest
    request = CType(HttpWebRequest.Create(uri), HttpWebRequest)
    ' Create a cookie jar to hold the request cookie
    Dim cookieJar As New CookieContainer()
    request.CookieContainer = cookieJar
    Dim rsAuthCookie As Cookie = AuthCookie

    ' if the client already has an auth cookie
    ' place it in the request's cookie container
    If Not (authCookie Is Nothing) Then
        request.CookieContainer.Add(rsAuthCookie)
    End If

    '**********************THIS CODE ADDED ******************'
    request.CookieContainer.Add(Utilities.TranslateCookie(HttpContext.Current.Request.Cookies("SMSESSION")))
    '**********************END ADDED CODE*******************'

    request.Timeout = -1
    request.Headers.Add("Accept-Language", HttpContext.Current.Request.Headers("Accept-Language"))
    Return request

End Function


Protected Overrides Function GetWebResponse(ByVal request As WebRequest) As WebResponse
    Dim response As WebResponse = MyBase.GetWebResponse(request)
    Dim cookieName As String = response.Headers("RSAuthenticationHeader")
    ' If the response contains an auth header, store the cookie
    If Not (cookieName Is Nothing) Then
        Utilities.CustomAuthCookieName = cookieName
        Dim webResponse As HttpWebResponse = CType(response, HttpWebResponse)
        Dim authCookie As Cookie = webResponse.Cookies(cookieName)
        ' If the auth cookie is null, throw an exception
        If authCookie Is Nothing Then
            Throw New Exception("Authorization ticket not received by LogonUser")
        End If
        ' otherwise save it for this request
        Me.AuthCookie = authCookie
        ' and send it to the client
        Utilities.RelayCookieToClient(Me.AuthCookie)

        ' *****************THIS CODE ADDED *********************'
        Dim smCookie As Cookie = webResponse.Cookies("SMSESSION")
        If smCookie Is Nothing Then
            Throw New Exception("SiteMinder cookie not received")
        End If
        Me.smCookie = smCookie
        Utilities.RelayCookieToClient(Me.smCookie)
        ' ****************END ADDED CODE***********************'

    End If
    Return response

End Function


.....and I also added this Property for smCookie:

Private Property smCookie() As Cookie
    Get
        If m_smCookie Is Nothing Then
            m_smCookie = Utilities.TranslateCookie(HttpContext.Current.Request.Cookies("SMSESSION"))
        End If
        Return m_smCookie
    End Get
    Set(ByVal value As Cookie)
        m_smCookie = value
    End Set
End Property
Private m_smCookie As Cookie = Nothing


This has not worked, and I still get the 401 Unauthorized message from
the application when it tries to make the web service call.

Have I missed something? Do you have ideas?

Thanks for looking.
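
Added example (not part of the original post or of Microsoft's sample code): a cookie copied from the browser's request into a CookieContainer for a server-side call is sent only if its domain and path match the target URI, and an SSO token such as SMSESSION should be forwarded only to the intended host. The module and function names, the host name and the cookie value below are assumptions constructed for illustration.

```vbnet
Imports System
Imports System.Net

Module SmSessionForwarding
    ' Hypothetical helper: build the outbound SMSESSION cookie for a
    ' server-side call, scoped to the target URI.
    Function BuildSessionCookie(ByVal value As String, ByVal target As Uri, _
                                ByVal allowedHost As String) As Cookie
        ' No browser cookie: nothing to forward, the caller must handle that.
        If String.IsNullOrEmpty(value) Then Return Nothing
        ' Forward the SSO token only to the expected Report Server host.
        If Not String.Equals(target.Host, allowedHost, _
                             StringComparison.OrdinalIgnoreCase) Then
            Throw New InvalidOperationException( _
                "Refusing to send SMSESSION to " & target.Host)
        End If
        ' A cookie read from an incoming request carries no Domain, and
        ' CookieContainer.Add(Cookie) rejects a cookie with an empty Domain,
        ' so Domain and Path are set explicitly here.
        Dim c As New Cookie("SMSESSION", value, "/", target.Host)
        c.Secure = (target.Scheme = Uri.UriSchemeHttps)
        Return c
    End Function

    ' Returns the Cookie header HttpWebRequest would send to this URI.
    Function CookieHeaderFor(ByVal target As Uri, ByVal c As Cookie) As String
        Dim jar As New CookieContainer()
        If Not (c Is Nothing) Then jar.Add(c)
        Return jar.GetCookieHeader(target)
    End Function

    Sub Main()
        ' Constructed sample values, not taken from the post.
        Dim allowed As String = "reports.example.test"
        Dim target As New Uri("https://reports.example.test/ReportServer/")
        Dim c As Cookie = BuildSessionCookie("Zm9vYmFyYmF6cXV4", target, allowed)
        Console.WriteLine("Sent to target: " & CookieHeaderFor(target, c))

        ' The same jar sends nothing to a different host.
        Dim other As New Uri("https://other.example.test/ReportServer/")
        Console.WriteLine("Sent to other:  '" & CookieHeaderFor(other, c) & "'")

        ' Building a cookie for an unexpected host is refused outright.
        Try
            BuildSessionCookie("Zm9vYmFyYmF6cXV4", other, allowed)
        Catch ex As InvalidOperationException
            Console.WriteLine(ex.Message)
        End Try
    End Sub
End Module
```

Printing the result of GetCookieHeader for the actual /ReportServer URI inside GetWebRequest shows whether the SMSESSION value is really attached to the outgoing web service call.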
Re: SSRS / SiteMinder integration wdthem NO[at]SPAM gmail.com
6/14/2006 8:00:43 AM
Also, I found in this post:

http://groups.google.com/group/microsoft.public.sqlserver.reportingsvcs/browse_thread/thread/83591df7a8d70f8c/?hl=en#

That the proxy class will not pass along third party cookies....but
these posts are from 2004. Would that have been fixed in SSRS 2005?

Thanks again.
RE: SSRS / SiteMinder integration Michael R
7/19/2006 11:28:02 AM
I would like to implement something similar with SSRS 2005 & SiteMinder. Any
luck yet?

thanks,

Michael
