Skip to content

Latest commit

 

History

History
80 lines (56 loc) · 5.01 KB

configure-custom-or-forms-authentication-on-the-report-server.md

File metadata and controls

80 lines (56 loc) · 5.01 KB
Raw
title description author ms.author ms.date ms.service ms.subservice ms.topic ms.custom helpviewer_keywords
Configure custom or forms authentication on the report server
Configure custom or forms authentication on the report server
maggiesMSFT
maggies
11/11/2023
reporting-services
security
conceptual
updatefrequency5
Forms authentication, configuring
custom authentication [Reporting Services]

Configure custom or forms authentication on the report server

Reporting Services provides an extensible architecture that allows you to plug in custom or forms-based authentication modules. You might consider implementing a custom authentication extension if deployment requirements don't include Windows integrated security or Basic authentication. The most common scenario for using custom authentication is to support Internet or extranet access to a Web application. Replacing the default Windows Authentication extension with a custom authentication extension gives you more control over how external users are granted access to the report server.

In practice, deploying a custom authentication extension requires multiple steps that include copying assemblies and application files, modifying configuration files, and testing. This article focuses on just the authentication settings that you specify in the configuration files.

Note

Creating a custom authentication extension requires custom code and expertise in [!INCLUDEvstecasp] security. If you do not want to create a custom authentication extension, you can use [!INCLUDEmsCoName] Entry ID groups and accounts, but you should greatly reduce the scope of a report server deployment. For more information about custom authentication, see Implement a security extension.

Additionally, you can use Forms authentication or a custom authentication extension in a SQL Server Reporting Services environment that is integrated with a SharePoint product. To do so, you must configure the SharePoint site to use the authentication method that you choose. For more information about configuring authentication in SharePoint, see Authentication samples on [!INCLUDEmsCoName] Developer Network (MSDN).

Configure a report server to use custom authentication

  1. Open the rsreportserver.config in a text editor.

  2. Find the <Authentication> section.

  3. Copy the following XML structure:

    <Authentication>
      <AuthenticationTypes>
             <Custom />
      </AuthenticationTypes>
      <EnableAuthPersistence>true</EnableAuthPersistence>
</Authentication>

  4. Paste it over the existing entries for the <Authentication> section.

    You can't use Custom with other authentication types.

  5. Save the file.

  6. Open the Web.config file for the report server. By default, the file is located in the same folder as the rsreportserver.config file (see RsReportServer.config configuration file).

  7. Find authentication mode and set it to Forms.

    <authentication mode = "Forms" />

  8. Find identity impersonate and set it to False.

    <identity impersonate = "false" />

  9. Add the PassThroughCookies element structure to the configuration file. For more information, see Configure the web portal to pass custom authentication cookies

  10. Save the file.

  11. If you configured a scale-out deployment, repeat all of the previous steps for other report servers in the deployment.

  12. Restart the report server to clear any sessions that are currently open.

Related content

Implement a security extension
Reporting Services custom security sample (GitHub)
Authentication with the report server
RsReportServer.config configuration file
Configure Basic authentication on the report server
Configure Windows Authentication on the Report Server
More questions? Try the Reporting Services forum