Showing posts with label aspnet. Show all posts
Showing posts with label aspnet. Show all posts

Monday, March 19, 2012

Integrated Security in a Workgroup?

The A\ASPNET and B\ASPNET machine accounts are created by IIS (I think) --
at least I know that I did NOT create them. These are the accounts used by
IIS when executing ASP pages. Since these accounts are not created by me I
don't know the passwords -- and I can't just change them in XP because then
IIS will likely fail due to using the old password. Perhaps I can change
the default ASP account used by IIS on both machines -- then I can create
local accounts with the same username and password.
Thanks for the suggestion.
Bill
"Stephen Dybing [MSFT]" <stephd@.online.microsoft.com> wrote in message
news:uOFYrdRuDHA.3144@.tk2msftngp13.phx.gbl...
quote:

> I believe that you do this without specifying the A\ or B\.
> --
> Sincerely,
> Stephen Dybing
> This posting is provided "AS IS" with no warranties, and confers no

rights.
quote:

> Please reply to the newsgroups only, thanks.
> "Bill Cohagan" <bill@.teraXNOSPAMXquest.com> wrote in message
> news:#aPrRKOuDHA.4056@.TK2MSFTNGP11.phx.gbl...
> A\ASPNET
the[QUOTE]
> A
and[QUOTE]
> an
only.[QUOTE]
the[QUOTE]
> SQL
> rights.
>
Kevin
Thanks for the response. Please see my reply to dybing regarding
passwords being problematic.
Bill
"Kevin McDonnell [MSFT]" <kevmc@.online.microsoft.com> wrote in message
news:uN4DrXRuDHA.1360@.cpmsftngxa06.phx.gbl...
quote:

> See if you can make a Trusted Connection using SQL. If the passwords are
> the same, then this should work.
> Use ISQL.exe
> ISQL -SSQLServerNameHere -E -Q"select @.@.version"
> This should return the version of SQL 2000.
> If this works then, we know the security is working, it may be a
> configuration issue with ASP.NET.
>
> Thanks,
> Kevin McDonnell
> Microsoft Corporation
> This posting is provided AS IS with no warranties, and confers no rights.
>
>
|||No, sorry, what I meant was that when you set up the SQL Server permissions,
try it without including the A\ or B\.
Sincerely,
Stephen Dybing
This posting is provided "AS IS" with no warranties, and confers no rights.
Please reply to the newsgroups only, thanks.
"Bill Cohagan" <bill@.teraXNOSPAMXquest.com> wrote in message
news:utxj$XduDHA.1596@.TK2MSFTNGP10.phx.gbl...
quote:

> The A\ASPNET and B\ASPNET machine accounts are created by IIS (I think) --
> at least I know that I did NOT create them. These are the accounts used by
> IIS when executing ASP pages. Since these accounts are not created by me I
> don't know the passwords -- and I can't just change them in XP because

then
quote:

> IIS will likely fail due to using the old password. Perhaps I can change
> the default ASP account used by IIS on both machines -- then I can create
> local accounts with the same username and password.
> Thanks for the suggestion.
> Bill
> "Stephen Dybing [MSFT]" <stephd@.online.microsoft.com> wrote in message
> news:uOFYrdRuDHA.3144@.tk2msftngp13.phx.gbl...
> rights.
> the
> and
> only.
> the
the[QUOTE]
>
|||Since I'm using integrated security I must select an existing NT user; thus
I can't specify a user, ASPNET (or whatever), unless that user exists as a
local user on the machine. I can of course create such a user, but then I've
got the password problem I already mentioned. Have I misunderstood your
suggestion?
Bill
"Stephen Dybing [MSFT]" <stephd@.online.microsoft.com> wrote in message
news:%23nPgnyduDHA.2148@.TK2MSFTNGP12.phx.gbl...
quote:

> No, sorry, what I meant was that when you set up the SQL Server

permissions,
quote:

> try it without including the A\ or B\.
> --
> Sincerely,
> Stephen Dybing
> This posting is provided "AS IS" with no warranties, and confers no

rights.
quote:

> Please reply to the newsgroups only, thanks.
> "Bill Cohagan" <bill@.teraXNOSPAMXquest.com> wrote in message
> news:utxj$XduDHA.1596@.TK2MSFTNGP10.phx.gbl...
think) --[QUOTE]
by[QUOTE]
I[QUOTE]
> then
change[QUOTE]
create[QUOTE]
that[QUOTE]
B[QUOTE]
message[QUOTE]
duplicate[QUOTE]
> the
>
|||Hmm, I had assumed, like Kevin mentioned earlier, that if you used those
workgroup users, where the only thing that changed was the name of the
workgroup, it would work. I've done similar sorts of things with accounts
crossing different domains before and figured this would work as well. If
not, then your problem is beyond what I can help with off the top of my
head, and I don't have workgroup machines here that I can test on. Sorry!
Sincerely,
Stephen Dybing
This posting is provided "AS IS" with no warranties, and confers no rights.
Please reply to the newsgroups only, thanks.
"Bill Cohagan" <bill@.teraXNOSPAMXquest.com> wrote in message
news:eXwPQHeuDHA.1888@.TK2MSFTNGP10.phx.gbl...
quote:

> Since I'm using integrated security I must select an existing NT user;

thus
quote:

> I can't specify a user, ASPNET (or whatever), unless that user exists as a
> local user on the machine. I can of course create such a user, but then

I've
quote:

> got the password problem I already mentioned. Have I misunderstood your
> suggestion?
> Bill
> "Stephen Dybing [MSFT]" <stephd@.online.microsoft.com> wrote in message
> news:%23nPgnyduDHA.2148@.TK2MSFTNGP12.phx.gbl...
> permissions,
> rights.
> think) --
used[QUOTE]
> by
me[QUOTE]
> I
> change
> create
> that
machine[QUOTE]
> B
purposes[QUOTE]
> message
> duplicate
on[QUOTE]
no[QUOTE]
>
|||Please let me know if you're still having a problem with this and I'll
request a couple of workgroup machines from our lab this week and try it
myself. You can reach me directly by removing the "online." from my posting
address.
Sincerely,
Stephen Dybing
This posting is provided "AS IS" with no warranties, and confers no rights.
Please reply to the newsgroups only, thanks.
"Bill Cohagan" <bill@.teraXNOSPAMXquest.com> wrote in message
news:eXwPQHeuDHA.1888@.TK2MSFTNGP10.phx.gbl...
quote:

> Since I'm using integrated security I must select an existing NT user;

thus
quote:

> I can't specify a user, ASPNET (or whatever), unless that user exists as a
> local user on the machine. I can of course create such a user, but then

I've
quote:

> got the password problem I already mentioned. Have I misunderstood your
> suggestion?
> Bill
> "Stephen Dybing [MSFT]" <stephd@.online.microsoft.com> wrote in message
> news:%23nPgnyduDHA.2148@.TK2MSFTNGP12.phx.gbl...
> permissions,
> rights.
> think) --
used[QUOTE]
> by
me[QUOTE]
> I
> change
> create
> that
machine[QUOTE]
> B
purposes[QUOTE]
> message
> duplicate
on[QUOTE]
no[QUOTE]
>
|||OK, I think I've got it working. I discovered (via KB #315158) how to
set the account and password used by IIS via attributes in the
processModel element of the machine.config file. All I needed to do was
1.) Reset the password of the <machine>\ASPNET account to a common value
on both machines.
2.) Edit the machine.config file on both machines to reflect the new
common password.
I'd already added the ASPNET account as a login on the SQL server. Since
now the A\ASPNET and B\ASPNET have common login names AND passwords I
can apparently access the SQL server on machine B via the A\ASPNET
account on machine A. This solves my problem.
Bill
"Bill Cohagan" <bill@.teraXNOSPAMXquest.com> wrote in message
news:eXwPQHeuDHA.1888@.TK2MSFTNGP10.phx.gbl...
quote:

> Since I'm using integrated security I must select an existing NT user;

thus
quote:

> I can't specify a user, ASPNET (or whatever), unless that user exists as a
> local user on the machine. I can of course create such a user, but then

I've
quote:

> got the password problem I already mentioned. Have I misunderstood your
> suggestion?
> Bill
> "Stephen Dybing [MSFT]" <stephd@.online.microsoft.com> wrote in message
> news:%23nPgnyduDHA.2148@.TK2MSFTNGP12.phx.gbl...
> permissions,
> rights.
> think) --
used[QUOTE]
> by
me[QUOTE]
> I
> change
> create
> that
machine[QUOTE]
> B
purposes[QUOTE]
> message
> duplicate
on[QUOTE]
no[QUOTE]
>
Posted by Unknown at 8:25 PM 0 comments
Labels: , , , , , , , , , , , , , ,

Integrated Security in a Forms asp.net App

Hi
We have a problem which I can see has been encountered by others in the past.
However, even after reading many threads on this subject it is not entirely
clear what thesolution is. I would like advice on how best to proceed.
We have an asp.net application which uses Forms authentication. Some pages
have frames which contain RS reports. The reports are called by URL. It
works great except for the security...
The application is to be used by several hundred users from outside our
organisation. The reports used within the application will also be accessed
by users on our own domain via report manager.
We have SQL Server 2000 standard edition.
I have read that I cannot configure for forms authentication because we do
not have SQL Enterprise edition. It seems that this would mess up our
authentication for internal users anyway. If I configure Report Server for
anonymous access I lose control over who sees what within our company & the
world at large can get at the reports if they figure out the URL.
What are my options for a workable integrated security solution?
Thanks
WayneWe recently had the same type of requirements. We did have to move to
Enterprise and additionally, we had to create a custom security
extension (similiar to a custom reporting extension) to handle our
special needs. Microsoft may have some examples of doing this.
This was the only solution we found.
Ken Foust|||Thanks for the reply Ken.
I've seen some examples of custom extensions, I was hoping I could avoid it
as it looks difficult & time consuming to set up. I may have to avoid it
anyway as I'm not convinced I will get approval for an upgrade to Enterprise
edition. If you are using forms authentication now, how has this affected
usage of internal reports? I've seen someone tout the idea of having
separate Forms & Windows security Report Servers, did you try this perhaps?
What a shame that RS does not cater for this common scenario straight out of
the box.
Thanks
Wayne
ken_foust@.hotmail.com wrote:
>We recently had the same type of requirements. We did have to move to
>Enterprise and additionally, we had to create a custom security
>extension (similiar to a custom reporting extension) to handle our
>special needs. Microsoft may have some examples of doing this.
>This was the only solution we found.
>Ken Foust
--
Message posted via http://www.sqlmonster.com
Posted by Unknown at 8:24 PM 0 comments
Labels: , , , , , , , , , , , , , ,

Monday, March 12, 2012

Integrate Reports in ASP.Net Web Form

Hi,
I have my reports at http:\\localhost\ReportServer and need to use them in
ASP.NET Web Form.I have a few questions reg. this
--> I want to generate a PDF when a button labeled "Generate Report" is
clicked"
(1) I tried this using the below code:
Dim myResponse As Byte()
Dim url As String = http://localhost/reportserver?/Reports/Sales
Invoice&ORDER_ID=1879&rs:Format=PDF
Dim myWebClient As New WebClient
myWebClient.Credentials = CredentialCache.DefaultCredentials
myResponse = myWebClient.DownloadData(url)
Response.ContentType = "application/pdf"
Response.AddHeader("content-disposition", "attachment; filename=Sales
Invoice.PDF")
Response.BinaryWrite(myResponse)
But got the error "The remote server returned an error: (403) Forbidden"
I have included "<identity impersonate="true"/>" in Web.Config File.
This Error is because the Credentials is null. I don't know why the
credentials are null even after I use myWebClient.Credentials = CredentialCache.DefaultCredentials
The same code works if I Create new Credentials specifying UserName and
Password. But I am cannot specify Username and password. The Application has
take the credentials from the server.
(2) Why can't I use the following one line of code(This works, I want to
know are there any kind issues with
this)Response.Redirect(http://localhost/reportserver?/Reports/Sales
Invoice&ORDER_ID=1879&rs:Format=PDF)
(3) What are other ways to integrate reports with ASP.NET Web Form.
(4)I need to deploy the Reports that I created in my machine to the server
I tried to deploy setting TargetServerURL=http://servername/ReportServer in
Project Properties, but got the error
"The permissions granted to user are insufficient for performing this
operation". What kind of permissions are required.
(5)What are different ways to deploy Reports on a Server.It sounds like you are running into the double hop issue. You can not make
an impersonated call to another machine if you are currently impersonated,
unless the machines trust one another. You would need to set up Kerberos to
get the machines to trust each other.
--
-Daniel
This posting is provided "AS IS" with no warranties, and confers no rights.
"Kiran" <Kiran@.nospam.net> wrote in message
news:O7VH3Z35EHA.1564@.TK2MSFTNGP09.phx.gbl...
> Hi,
> I have my reports at http:\\localhost\ReportServer and need to use them in
> ASP.NET Web Form.I have a few questions reg. this
> --> I want to generate a PDF when a button labeled "Generate Report"
> is clicked"
> (1) I tried this using the below code:
> Dim myResponse As Byte()
> Dim url As String = http://localhost/reportserver?/Reports/Sales
> Invoice&ORDER_ID=1879&rs:Format=PDF
> Dim myWebClient As New WebClient
> myWebClient.Credentials = CredentialCache.DefaultCredentials
> myResponse = myWebClient.DownloadData(url)
> Response.ContentType = "application/pdf"
> Response.AddHeader("content-disposition", "attachment; filename=Sales
> Invoice.PDF")
> Response.BinaryWrite(myResponse)
> But got the error "The remote server returned an error: (403) Forbidden"
> I have included "<identity impersonate="true"/>" in Web.Config File.
> This Error is because the Credentials is null. I don't know why the
> credentials are null even after I use myWebClient.Credentials => CredentialCache.DefaultCredentials
> The same code works if I Create new Credentials specifying UserName and
> Password. But I am cannot specify Username and password. The Application
> has take the credentials from the server.
> (2) Why can't I use the following one line of code(This works, I want to
> know are there any kind issues with
> this)Response.Redirect(http://localhost/reportserver?/Reports/Sales
> Invoice&ORDER_ID=1879&rs:Format=PDF)
> (3) What are other ways to integrate reports with ASP.NET Web Form.
> (4)I need to deploy the Reports that I created in my machine to the server
> I tried to deploy setting TargetServerURL=http://servername/ReportServer
> in Project Properties, but got the error
> "The permissions granted to user are insufficient for performing this
> operation". What kind of permissions are required.
> (5)What are different ways to deploy Reports on a Server.
>|||For deploying you should have rights in the report server to deploy report.
Log on to the machine to which you are tryiong to deploy , open the report
manager and under security add yourself as a user with deployment rights.
Reponse.Redirect works fine for me. also have you tried using report viewer
HTH
"Kiran" <Kiran@.nospam.net> wrote in message
news:O7VH3Z35EHA.1564@.TK2MSFTNGP09.phx.gbl...
> Hi,
> I have my reports at http:\\localhost\ReportServer and need to use them in
> ASP.NET Web Form.I have a few questions reg. this
> --> I want to generate a PDF when a button labeled "Generate Report"
> is clicked"
> (1) I tried this using the below code:
> Dim myResponse As Byte()
> Dim url As String = http://localhost/reportserver?/Reports/Sales
> Invoice&ORDER_ID=1879&rs:Format=PDF
> Dim myWebClient As New WebClient
> myWebClient.Credentials = CredentialCache.DefaultCredentials
> myResponse = myWebClient.DownloadData(url)
> Response.ContentType = "application/pdf"
> Response.AddHeader("content-disposition", "attachment; filename=Sales
> Invoice.PDF")
> Response.BinaryWrite(myResponse)
> But got the error "The remote server returned an error: (403) Forbidden"
> I have included "<identity impersonate="true"/>" in Web.Config File.
> This Error is because the Credentials is null. I don't know why the
> credentials are null even after I use myWebClient.Credentials => CredentialCache.DefaultCredentials
> The same code works if I Create new Credentials specifying UserName and
> Password. But I am cannot specify Username and password. The Application
> has take the credentials from the server.
> (2) Why can't I use the following one line of code(This works, I want to
> know are there any kind issues with
> this)Response.Redirect(http://localhost/reportserver?/Reports/Sales
> Invoice&ORDER_ID=1879&rs:Format=PDF)
> (3) What are other ways to integrate reports with ASP.NET Web Form.
> (4)I need to deploy the Reports that I created in my machine to the server
> I tried to deploy setting TargetServerURL=http://servername/ReportServer
> in Project Properties, but got the error
> "The permissions granted to user are insufficient for performing this
> operation". What kind of permissions are required.
> (5)What are different ways to deploy Reports on a Server.
>
Posted by Unknown at 4:12 AM 0 comments
Labels: , , , , , , , , , , , , , , , ,

integrate report manager in an asp.net application

I thought I can probably find out how the report manager works and create a similar application so that I can define my own things in there.

Looks like there is no sample where I could get a lead. Now I have decided if I can include the report manager in a new aspx page in my application and disable the stuff which is not required by the user to look at it.

I can definitely include the report manager url in the Iframe but how do I disable the stuff from the report manager.

Please help, I am having real hard time.

Thanks in advance.

There is no way that I know of to customize report manager and include its functionality in your own app like you would a control.

Have you looked at the report viewer web control? If you need to integrate report viewing and report export capability in your asp.net application, it is very powerful. You could use this, along with the available Web services in reporting services to build your own version of the report manager in asp.net with most, if not all of the same functionality.

A link to the report viewer control:

http://msdn2.microsoft.com/en-us/library/ms251671(VS.80).aspx

A link to the web services provided by report server:

http://msdn2.microsoft.com/en-us/library/ms154697.aspx

Posted by Unknown at 4:12 AM 0 comments
Labels: , , , , , , , , , , , , , ,

integrate report manager in an asp.net application

I thought I can probably find out how the report manager works and create a similar application so that I can define my own things in there.

Looks like there is no sample where I could get a lead. Now I have decided if I can include the report manager in a new aspx page in my application and disable the stuff which is not required by the user to look at it.

I can definitely include the report manager url in the Iframe but how do I disable the stuff from the report manager.

Please help, I am having real hard time.

Thanks in advance.

There is no way that I know of to customize report manager and include its functionality in your own app like you would a control.

Have you looked at the report viewer web control? If you need to integrate report viewing and report export capability in your asp.net application, it is very powerful. You could use this, along with the available Web services in reporting services to build your own version of the report manager in asp.net with most, if not all of the same functionality.

A link to the report viewer control:

http://msdn2.microsoft.com/en-us/library/ms251671(VS.80).aspx

A link to the web services provided by report server:

http://msdn2.microsoft.com/en-us/library/ms154697.aspx

Posted by Unknown at 4:12 AM 0 comments
Labels: , , , , , , , , , , , , , ,
Subscribe to: Posts (Atom)