You are not logged in.
Hi
I might be misunderstanding something - does httpauthexport not support #inlinereport? Or, is it possible to pass in user name and pwd as parameters when embedding report execution view using '#inlinereport' ?
Offline
Hi Aniello,
check here for the URL specification: https://reportserver.net/en/guides/admi … a-the-URL/
InlineReport and httpauthexport are two different things, check the link for exact information.
Regards,
Eduardo
Offline
Hi Eduardo
So how can we get the nice functionality of filter/sort using preview mode when doing the inline report (to embed in our portal) using httpauthexport - Or, is it possible to pass in user name and pwd as parameters when embedding report execution view using '#inlinereport' ?
Offline
Hi Aniello,
you can use the APIKey for bypassing login, but this currently only works with httpauthexport.
Regards,
Eduardo
Offline
Hi Eduardo
I have resolved this as follows - hopefully, this may help others - do you foresee any issues with this?
import net.datenwerke.security.service.authenticator.AuthenticatorService
def iUser = 6
def sURL = "http://localhost:8080/reportserver/ReportServer.html#inlinereport/id:1234&type:preview"
def authservice = GLOBALS.getInstance(AuthenticatorService.class)
authservice.setAuthenticated(iUser)
httpResponse.sendRedirect(sURL)
Offline
Hi Aniello,
you are bypassing the login process here. The user with Id = 6 will automatically be authenticated, thus, the caller of the report will be able to do and to see all that user=6 is able to. In my installation, root has id=6, so please be careful with this method.
No password/no user check is being performed here: everyone calling this report will automatically have root permissions (if your userId=6 belongs to root).
Better, create a user that is only able to see the reports you mention and nothing more. Then you can auto-authenticate the user. Again, be careful with the permissions you give to this user.
A better approach may be SSO: you can let your users log in independently from reportserver's login process and reportserver would recognize these are already logged in, so the url will automatically work. An example of an SSO system is CAS SSO. Check here for some information:
https://reportserver.net/en/guides/scri … sing-LDAP/
https://forum.reportserver.net/viewtopic.php?id=199
Regards,
Eduardo
Offline
Hi Eduardo
Thank you - that's good advice and we'll look into SSO as a better alternative.
Offline
Hi,
Is there a way to use inline URL with authentication?
httpauthexport - works fine with apikey.
ReportServer.html#inlinereport - asks for credentials.
Offline
Hi ern152,
this is currently not supported. We have ticket RS-2286 for this.
In case you are running on ReportServer Enterprise, you could however implement this via a little script that parses the URL, logs in the user identified by the apikey and then forwards the user to the #inlinereport url.
Regards,
Eduardo
Offline
Hi,
So is the idea here to call script via url with parameters (and then pass this parameters to right inline report)?
In the script we should parse url, find out parameters and user and apikey, then find user by given user (in params) and redirect to inline report. But also permission of the user with such an apikey to use report should be checked somehow I think...So it is getting to be complicated.
But what about choosing correct report? Should I create such script for each report which I want to use inline without login?
Last edited by Patryx (2019-05-15 07:57:06)
Offline
One more thing. I am writting such a script.
Could you tell me if my idea how to find out right user is correct?
1. Read user from url (my variable var_user)
2. Read apikey from url (my variable var_apikey)
3. Find user by var_user and check if it has apikey = var_apikey in Properties.
4. Check if such user has right permissions to the report.
How should I do it? I need permission to Report Execution View (which ones permissions are required?)
5. Then I check if nowadays authenticated user is the found one in point 3.
If not, I do setAuthenticated(userID - founded in 3)
6. I can build new url to get inline report and call at the end httpResponse.sendRedirect(newURL).
I have problems with point 4 and some doubts with point 5.
Point 4:
How to check permission in script?
Point 5:
I noticed that setAuthenticated causes that next time when I call script I am still logged in.
What is the behaviour with such scenario?
1. In my PC I open Report Server, log in as administrator.
2. I open new tab and call my script. It will find user (different that administrator) so it call setAuthenticated to such user.
What about using application in first tab (point 1 as administrator)? Currently I am logged as administrator or the user found by user name?
I look forward to your opinion and remarks.
Last edited by Patryx (2019-05-15 10:17:49)
Offline