You are not logged in.
Pages: 1
Hi
Report Server has generated a std url with username and password on a specific report with the format :
http://SERVER:PORT/reportserverbasedir/reportserver/httpauthexport?id=5000&user=exportuser&apikey=79PKXGScP8r8&format=HTML&download=false
This has caused a security concern since anybody outside the company network could see the data.
What is the recommended solution for exposing internal website to external users? Can the behavior be changed so that when I type the above url, the system would still mandate me to login to the application.
Thanks
Aditi
Offline
Hi Aditi,
the APIKEY is used for bypassing user login together with httpauthexport. The APIKEY should be known only to users being able to open the report exported.
If you need reportserver login, you can use reportexport instead of httpauthexport. More details here: https://reportserver.net/en/guides/admi … a-the-URL/
Regards,
Eduardo
Offline
Thanks!
Offline
Pages: 1