Secure support for external users If you want

Secure support for external users If you want to support external users but don t want to code a custom security extension, you can use Windows authentication or Microsoft Active Directory. The following guidelines describe how to support this scenario: 1. Create a low-privileged domain user account with read-only permissions. The account must have access to the computer hosting the report server. Provide a custom Web form so that users can log on using the low-privileged domain account. 2. Create role assignments that map the user account to specific items in the report server folder hierarchy. You can limit access to read-only operations by choosing as the role assignment the predefined Browser role. 3. Configure reports to use stored credentials to get data for the report. This approach is useful if you want to query the external data source using an account that is different from the account that allows access to the report server. Understanding data security You can restrict which users see specific data within a report, which is a finer grain of security than the role assignments. Role assignments will determine if the report can be run at all by a particular user assigned to a specific role with specific permissions. Consider the expression =User!UserID. This expression returns the user ID of the person running the report. You can utilize this parameter value with a custom permissions table of your design that associates which users can see specific groups of data within the system. For example, if you have an office sales results report that filters on the salesman ID requesting the report, you can define in a permissions table in your database which user IDs have access to which office sales information. In this Permissions table, you need to associate the Windows username with the permission level relevant to your application database. For example, assume that you want to control which users are able to see sales data for specific offices within your application. When you define the dataset used to prompt the user for which office to select, you can add a permissions table with at least two columns: user and office. The table is populated with the combination of users that have access to specific office sales Chapter 13: Securing Report Server 255

Note: If you are looking for good and high quality web space to host and run your application check Lunarwebhost Inexpensive Web Hosting services

Bookmark the permalink.

Comments are closed.