Wrox Programmer Forums
|
BOOK: Professional SQL Server Reporting Services ISBN: 0-7645-6878-7
This is the forum to discuss the Wrox book Professional SQL ServerReporting Services by Paul Turley, Todd Bryant, James Counihan, George McKee, Dave DuVarney; ISBN: 9780764568787
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Professional SQL Server Reporting Services ISBN: 0-7645-6878-7 section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old October 6th, 2005, 08:07 AM
Registered User
  
Join Date: Oct 2005
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to Philip York
Default Secure access of Reports without a URL in ASP.NET
Hi,

We have a requirement to only allow users access to one particular report of a parameterised report and to be accessible within my ASP.NET application.

Users must only be able to view the report parameterised on one value that's associated with their account. We cannot use a URL because this will allow the user to tamper with the parameter and ID values passed to the Reporting Server.

In addition, the user shouldn't be able to view the toolbars or the input parameter fields ..they should only be able to see the report and a few print / export options. Is it possible to do this without exposing the URL?

I would most appreciate any help anyone could offer. I'm thinking this can somehow be done in SOAP? I know there's a ReportViewer control however this appears to operate on URLs.
 
Old October 7th, 2005, 10:42 PM
Registered User
  
Join Date: Oct 2005
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to Philip York
Default
I've come up with a solution and I'd like to share my findings with you all:

1. add a reference to the root Reporting Service web service, it can be found in the root of your Reporting Services site in the ASMX file.

Now create an instance of the ReportServices class, customize the parameters (including the output format, your security credentials etc.) then invoke the Render() method ..this will return a byte stream representing the output.

You can then do whatever you want with this depending on what format you specified the output to render as. You'll probably want to use Response.BinaryWrite() on the stream.

The only caveat of this approach is that you can't use the toolbar in the standard Reporting Services interface. I'm guessing the standard interface is an ActiveX control of some sort.

2. This is the method I ended up using. I created a HttpWebRequest object, executed the URL to the Report Server with all the parameters on the query string, then captured the output as a stream and then rendered it directly to the output of the ASPX page initiating the request. This is a good way to conceal the URL of a calling page.

I hope someone will find this useful if they ever come across a similar problem. If anyone has a better approach, I'd be delighted to hear.
 
Old November 29th, 2005, 03:46 AM
Wrox Author
  
Join Date: May 2004
Posts: 61
Thanks: 0
Thanked 0 Times in 0 Posts
Default
There are several examples of this technique in chapter 9.

Paul Turley, MCSD, MCDBA, MCT, MSF Practitioner





Similar Threads
Thread Thread Starter Forum Replies Last Post
ASP.Net Membership, URL-Rewriting, IIS 7 on hostin Iyad K ASP.NET 2.0 Professional 0 September 12th, 2008 12:08 AM
ASP.NET 1.1,VB.NET,crystal reports, SQl server gvi Crystal Reports 1 September 11th, 2008 02:55 AM
ASP Crystal Reports access denied sboltz Classic ASP Basics 1 November 16th, 2004 04:54 PM
ASP and Access Reports cascade Classic ASP Databases 0 June 12th, 2003 05:19 PM




Contact Us - Wrox - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.