sql-server - 如何在 SSRS 2008 RS 中配置/启用基于表单的身份验证

Question

我有两份报告，一份针对内部用户，另一份针对外部用户，

对于内部用户，我需要启用表单例份验证才能查看报告，而不是在服务器中创建用户帐户。

对于外部用户我不想启用任何身份验证，以便他们无需任何身份验证即可从浏览器访问报告。

我按照以下步骤使用以下链接中的 SSRS 示例进行操作，在完成所有更改后，我收到 HTTP500 错误。请帮助启用此基于表单的身份验证。

修改RSReportServer.config文件

第 1 步:-

<Authentication>
    <AuthenticationTypes> 
        <Custom/>
    </AuthenticationTypes>
    <EnableAuthPersistence>true</EnableAuthPersistence>
</Authentication>

第 2 步:-

<Security>
    <Extension Name="Forms" 
Type="Microsoft.Samples.ReportingServices.CustomSecurity.Authorization, 
Microsoft.Samples.ReportingServices.CustomSecurity" >
        <Configuration>
            <AdminConfiguration>
                <UserName>username</UserName>
            </AdminConfiguration>
        </Configuration>
    </Extension>
</Security>
<Authentication>
    <Extension Name="Forms" Type="Microsoft.Samples.ReportingServices.CustomSecurity.AuthenticationExtension, Microsoft.Samples.ReportingServices.CustomSecurity" />
</Authentication>

第 3 步:-

<UI>
    <CustomAuthenticationUI>
        <loginUrl>/Pages/UILogon.aspx</loginUrl>
        <UseSSL>True</UseSSL>
    </CustomAuthenticationUI>
    <ReportServerUrl>http://<server>/ReportServer</ReportServerUrl>
</UI> 

修改RSSrvPolicy.config文件

第 4 步:-

<CodeGroup
class="UnionCodeGroup"
version="1"
Name="SecurityExtensionCodeGroup"
Description="Code group for the sample security extension"
PermissionSetName="FullTrust">
    <IMembershipCondition 
    class="UrlMembershipCondition"
    version="1"
    Url="C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\Microsoft.Samples.ReportingServices.CustomSecurity.dll"
    />
</CodeGroup> 

修改RSMgrPolicy.config文件

第 5 步:-

<CodeGroup 
class="FirstMatchCodeGroup" 
version="1" 
PermissionSetName="FullTrust"
Description="This code group grants MyComputer code Execution permission. ">
    <IMembershipCondition 
    class="ZoneMembershipCondition"
    version="1"
    Zone="MyComputer" /> "}*To use Forms Authentication, you need to modify the Web.config files for Report Manager and Report Server

修改报表服务器的Web.config文件

第 6 步:-

<authentication mode="Forms">
    <forms loginUrl="logon.aspx" name="sqlAuthCookie" timeout="60" path="/">        
    </forms>
</authentication>
Add the following <authorization> element directly after the <authentication> element.
<authorization> 
    <deny users="?" />
</authorization>. 

报表管理器的Web.config文件

第 7 步:-

Disable impersonation by locating the section <identity impersonate= "true" /> and changing it to the following: <identity impersonate="false" />.
Locate the <authentication> element and change the Mode attribute to Forms.
Add the following keys to the <appSettings> element.
<add key="ReportServer" value="<Server Name>"/>
<add key="ReportServerInstance" value="<Instance Name>"/>

引用网址https://msftrsprodsamples.codeplex.com/wikipage?title=SS2008R2%21Security%20Extension%20Sample&FocusElement=Comment

执行完上述所有步骤后，当我尝试注册用户时，我收到名为“不支持关键字:'mssqlserver;集成安全性”的错误。

Answer 1

请检查此设置以直接访问而无需表单例份验证。

<allow users="*" />

选中此行以显示表单例份验证。

<deny users="?" /> 

应用程序中的 web.config 设置。

 <authorization>
        <allow roles="Administrator" />
        <allow users="*" />
    </authorization>

    <authentication mode="Forms">
        <forms timeout="500000" loginUrl="Login.aspx" />
    </authentication>



    <system.web>
         <httpHandlers>
                <remove verb="*" path="*.asmx" />
                <add verb="*" path="Reserved.ReportViewerWebControl.axd" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=8.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"   validate="false" />
                <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
                <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
                <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" validate="false" />
            </httpHandlers>
            <httpModules>
                <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
            </httpModules>
            <webServices>
                <protocols>
                    <add name="HttpGet" />
                    <add name="HttpPost" />
                </protocols>
            </webServices>
        </system.web>