You are not logged in.
Dear users of this forum,
we are pleased to inform you that we will be updating the software behind this forum in the near future.
Existing posts, users and categories will remain untouched.
Important:
We will keep you informed in the pinned thread.
Kind regards,
Your ReportServer Team
Liebe Nutzer dieses Forums,
wir freuen uns, euch mitteilen zu können, dass wir in naher Zukunft die Software hinter diesem Forum aktualisieren werden.
Existierende Beiträge, Nutzer und Kategorien bleiben weiterhin bestehen!
Wichtig:
Wir halten euch im angepinnten Beitrag auf dem Laufenden!
Mit vielen Grüßen
Euer ReportServer Team
Pages: 1
Hi
Report Server has generated a std url with username and password on a specific report with the format :
http://SERVER:PORT/reportserverbasedir/reportserver/httpauthexport?id=5000&user=exportuser&apikey=79PKXGScP8r8&format=HTML&download=false
This has caused a security concern since anybody outside the company network could see the data.
What is the recommended solution for exposing internal website to external users? Can the behavior be changed so that when I type the above url, the system would still mandate me to login to the application.
Thanks
Aditi
Offline
Hi Aditi,
the APIKEY is used for bypassing user login together with httpauthexport. The APIKEY should be known only to users being able to open the report exported.
If you need reportserver login, you can use reportexport instead of httpauthexport. More details here: https://reportserver.net/en/guides/admi … a-the-URL/
Regards,
Eduardo
Offline
Thanks!
Offline
Pages: 1