I am trying to implement the forms authentication (using the MSDN custom
security extension), to enable a single sign-on (SSO) between our web
application and RS. SSO works fine when both application and RS are on the
same machine. However, I haven't made SSO work when RS is on a different
machine. The RS login page always asks for credentials everytime I try to
generate a report through URL.
Based on some posts here, and MSDN suggestions, I have:
1. Modified the TranslateCookie methods and explicitly assigned our domain
name to netCookie.domain, and remove the conditional statements right after
it.
netCookie.domain = ".domain";
note: I am still testing on local domains (computername.domain). I
wonder if this is causing the problems. When deployed to production, this
will be something like appname.domain.com and reports.domain.com.
netCookie.domain = ".domain.com";
2. Modified both (our app and RS) web.config to have identical keys, based
on MSDN suggestion below.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconformsauthenticationacrossapplications.asp
3. Changed SessionState to "StateServer". Is this really needed?
Am I missing something else? I have included the IIS logs for more
information. RS is installed on a Win2K server and is not (yet) using SSL.
Need help badly. TIA.
#----
--
#Software: Microsoft Internet Information Services 5.0
#Version: 1.0
#Date: 2004-08-06 05:52:27
#Fields: date time c-ip cs-username s-ip s-port cs-method cs-uri-stem
cs-uri-query sc-status sc-win32-status cs(Cookie)
2004-08-06 05:52:27 192.168.15.14 - 192.168.15.156 80 GET /Default.htm - 200
0 -
2004-08-06 13:49:34 192.168.15.27 - 192.168.15.156 80 POST
/reportserver/ReportService.asmx - 200 0 -
2004-08-06 13:49:34 192.168.15.27 - 192.168.15.156 80 POST
/reportserver/ReportService.asmx - 200 0
sqlAuthCookie=09D2336BF9DC41B35067D85F16F19C522D5C1F393C96D4956B795C69DD69F2
CD7708825305DDA8C10E3489937AEE3D8FA1F8976C88A848B1775351841B8A3BE9
2004-08-06 13:49:34 192.168.15.27 - 192.168.15.156 80 POST
/reportserver/ReportService.asmx - 200 0
sqlAuthCookie=09D2336BF9DC41B35067D85F16F19C522D5C1F393C96D4956B795C69DD69F2
CD7708825305DDA8C10E3489937AEE3D8FA1F8976C88A848B1775351841B8A3BE9
#----
--Addendum:
I have viewed the IIS logs on both client machine (where web app is) and RS
server. It seems that the sqlAuthCookie was passed backed properly, from
the RS server, yet it still asks for credentials. See below.
IIS log from RS server:
2004-08-06 13:49:34 192.168.15.155 - 192.168.15.156 80 POST
/reportserver/ReportService.asmx - 200 0
sqlAuthCookie=09D2336BF9DC41B35067D85F16F19C522D5C1F393C96D4956B795C69DD69F2
CD7708825305DDA8C10E3489937AEE3D8FA1F8976C88A848B1775351841B8A3BE9
IIS log from client machine:
2004-08-06 13:49:34 192.168.15.155 POST /AAWeb/Login.aspx 302 0
ASP.NET_SessionId=3fhfoi55rbf4fiuvhaasi3rz
2004-08-06 13:49:34 192.168.15.155 GET /aaweb/default.aspx 200 0
ASP.NET_SessionId=3fhfoi55rbf4fiuvhaasi3rz;+sqlAuthCookie=09D2336BF9DC41B350
67D85F16F19C522D5C1F393C96D4956B795C69DD69F2CD7708825305DDA8C10E3489937AEE3D
8FA1F8976C88A848B1775351841B8A3BE9;+ASPXAUTH=D1226A0765C1A3CD447D1F329197886
8DB7478ED7CD849801633588BE5E6FF434B90ECF0344099C2E9341CD4F700AD5ADCDE0EC8F72
6B225E630F46A6947658C30AD53F0E628F6D1
"TechnoSpyke" <technospyke@.yahoo.com> wrote in message
news:OYRMCt8eEHA.704@.TK2MSFTNGP09.phx.gbl...
> I am trying to implement the forms authentication (using the MSDN custom
> security extension), to enable a single sign-on (SSO) between our web
> application and RS. SSO works fine when both application and RS are on
the
> same machine. However, I haven't made SSO work when RS is on a different
> machine. The RS login page always asks for credentials everytime I try to
> generate a report through URL.
> Based on some posts here, and MSDN suggestions, I have:
> 1. Modified the TranslateCookie methods and explicitly assigned our
domain
> name to netCookie.domain, and remove the conditional statements right
after
> it.
> netCookie.domain = ".domain";
> note: I am still testing on local domains (computername.domain). I
> wonder if this is causing the problems. When deployed to production, this
> will be something like appname.domain.com and reports.domain.com.
> netCookie.domain = ".domain.com";
> 2. Modified both (our app and RS) web.config to have identical keys,
based
> on MSDN suggestion below.
>
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconformsauthenticationacrossapplications.asp
> 3. Changed SessionState to "StateServer". Is this really needed?
> Am I missing something else? I have included the IIS logs for more
> information. RS is installed on a Win2K server and is not (yet) using
SSL.
> Need help badly. TIA.
>
#----
> --
> #Software: Microsoft Internet Information Services 5.0
> #Version: 1.0
> #Date: 2004-08-06 05:52:27
> #Fields: date time c-ip cs-username s-ip s-port cs-method cs-uri-stem
> cs-uri-query sc-status sc-win32-status cs(Cookie)
> 2004-08-06 05:52:27 192.168.15.14 - 192.168.15.156 80 GET /Default.htm -
200
> 0 -
> 2004-08-06 13:49:34 192.168.15.27 - 192.168.15.156 80 POST
> /reportserver/ReportService.asmx - 200 0 -
> 2004-08-06 13:49:34 192.168.15.27 - 192.168.15.156 80 POST
> /reportserver/ReportService.asmx - 200 0
>
sqlAuthCookie=09D2336BF9DC41B35067D85F16F19C522D5C1F393C96D4956B795C69DD69F2
> CD7708825305DDA8C10E3489937AEE3D8FA1F8976C88A848B1775351841B8A3BE9
> 2004-08-06 13:49:34 192.168.15.27 - 192.168.15.156 80 POST
> /reportserver/ReportService.asmx - 200 0
>
sqlAuthCookie=09D2336BF9DC41B35067D85F16F19C522D5C1F393C96D4956B795C69DD69F2
> CD7708825305DDA8C10E3489937AEE3D8FA1F8976C88A848B1775351841B8A3BE9
>
#----
> --
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment