Open rampblr opened 5 years ago
Follow this: https://github.com/microsoft/Reporting-Services/tree/master/CustomSecuritySample
If you do not want to use the approach used in the sample you are free to modify the Sample code to authorize however your application needs to (SessionID(s), JOTs, encrypted request header values, other tokens and cookies, etc.).
The key in the authentication (getting the sqlAuth cookie) of the Custom Sample is in the Page_Load part- it expects you to set up separate accounts in a separate "UserAccounts" database which "sort of don't" relate to the ReportServer database's Users table; a better approach might be using your own proprietary authentication mechanisms (within Login.aspx.cs Page_Load()...)- and redirect based on your desired way to authenticate the user's SSRS request.
Follow along with the Sample (modern or the 2016 one), play with the code (debug it) and you'll see what I mean.
How to authenticate the Report server from UI web application using custom authentication