It mentions in the SQL Server Reporting Services book, (chapter 9) that its beneficial to use web services for MSRS report rendering if you want to implement your own security infrastructure, which I do.

This being the context, my questions are two-fold:

1. When I render a drill through report using the web service the drill through links are urls with the parameters in them. Is there a way to avoid this? I can't implement my own security when drill through reports are linked directly back to the MSRS server.

2. Given that it *appears* I can't avoid the links back to the MSRS server when using drill through reports, I intercept all outgoing html and redirect all links to a HttpHandler that handles security for me before sending the original request to the msrs server. Is this the right way to be handling this? Also, if this is correct, there is not authentication benefit to using web services over urls as this method works for both.

Thanks in advance,
Chris