#1 2018-11-22 17:24:07

Aniello
Member
Registered: 2018-09-09
Posts: 9

Login with embedded report execution view

Hi

I might be misunderstanding something - does httpauthexport not support #inlinereport? Or, is it possible to pass in user name and pwd as parameters when embedding report execution view using '#inlinereport' ?

Offline

#2 2018-11-22 18:01:30

eduardo
Administrator
Registered: 2016-11-01
Posts: 829
Website

Re: Login with embedded report execution view

Hi Aniello,

check here for the URL specification: https://reportserver.net/en/guides/admi … a-the-URL/

InlineReport and httpauthexport are two different things, check the link for exact information.

Regards,
Eduardo

Offline

#3 2018-11-23 13:46:23

Aniello
Member
Registered: 2018-09-09
Posts: 9

Re: Login with embedded report execution view

Hi Eduardo
So how can we get the nice functionality of filter/sort using preview mode when doing the inline report (to embed in our portal) using httpauthexport - Or, is it possible to pass in user name and pwd as parameters when embedding report execution view using '#inlinereport' ?

Offline

#4 2018-11-23 18:44:16

eduardo
Administrator
Registered: 2016-11-01
Posts: 829
Website

Re: Login with embedded report execution view

Hi Aniello,

you can use the APIKey for bypassing login, but this currently only works with httpauthexport.

Regards,
Eduardo

Offline

#5 2018-11-25 03:20:44

Aniello
Member
Registered: 2018-09-09
Posts: 9

Re: Login with embedded report execution view

Hi Eduardo
I have resolved this as follows - hopefully, this may help others - do you foresee any issues with this?

import net.datenwerke.security.service.authenticator.AuthenticatorService
def iUser = 6
def sURL = "http://localhost:8080/reportserver/ReportServer.html#inlinereport/id:1234&type:preview"
def authservice = GLOBALS.getInstance(AuthenticatorService.class)
authservice.setAuthenticated(iUser)
httpResponse.sendRedirect(sURL)

Offline

#6 2018-11-26 12:23:47

eduardo
Administrator
Registered: 2016-11-01
Posts: 829
Website

Re: Login with embedded report execution view

Hi Aniello,

you are bypassing the login process here. The user with Id = 6 will automatically be authenticated, thus, the caller of the report will be able to do and to see all that user=6 is able to. In my installation, root has id=6, so please be careful with this method.
No password/no user check is being performed here: everyone calling this report will automatically have root permissions (if your userId=6 belongs to root).

Better, create a user that is only able to see the reports you mention and nothing more. Then you can auto-authenticate the user. Again, be careful with the permissions you give to this user.

A better approach may be SSO: you can let your users log in  independently from reportserver's login process and reportserver would recognize these are already logged in, so the url will automatically work. An example of an SSO system is CAS SSO.  Check here for some information:
https://reportserver.net/en/guides/scri … sing-LDAP/
https://forum.reportserver.net/viewtopic.php?id=199

Regards,
Eduardo

Offline

#7 2018-11-26 15:33:13

Aniello
Member
Registered: 2018-09-09
Posts: 9

Re: Login with embedded report execution view

Hi Eduardo

Thank you - that's good advice and we'll look into SSO as a better alternative.

Offline

Board footer

Powered by FluxBB