git/gitflow/gitlib>> ms-ssrs-2014-custom-security>> 返回
项目作者: chunlampang

项目描述 :
Microsoft SQL Server Reporting Services 2014 Custom Security Sample.
高级语言: C#
项目地址: git://github.com/chunlampang/ms-ssrs-2014-custom-security.git
创建时间: 2019-07-15T03:16:27Z
项目社区:https://github.com/chunlampang/ms-ssrs-2014-custom-security
开源协议:MIT License
下载


Microsoft SQL Server Reporting Services 2014 Custom Security Sample

As the other sample SQL server version are < 2014 or > 2014, I created this sample.

Download Microsoft SQL Server 2014 + Reporting Services

Download and install ExpressAdv from:
https://www.microsoft.com/en-us/download/details.aspx?id=42299

The following path will use 🔸 to represent the install path.\
The default install path may look like:

  1. C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services

Original Source

https://archive.codeplex.com/?p=msftrsprodsamples

I have removed the database connection part from the sample, and hard coded the user verification to true. You may find “todoooooooooooooooooooo” from the code and replace with your custom security rule.

Deployment

If the Microsoft.ReportingServices.Interfaces is missing, add it from 🔸\ReportServer\bin\Microsoft.ReportingServices.Interfaces.dll

Build and copy the following file to the specific directory:\
Logon.aspx -> 🔸\ReportServer\
UILogon.aspx -> 🔸\ReportMnager\Pages\
Microsoft.Samples.ReportingServices.CustomSecurity.dll, Microsoft.Samples.ReportingServices.CustomSecurity.pdb -> 🔸\ReportServer\bin\
Microsoft.Samples.ReportingServices.CustomSecurity.dll, Microsoft.Samples.ReportingServices.CustomSecurity.pdb -> 🔸\ReportManager\bin

Configuration

Before modify the following configuration files, please create a copy for backup.

🔸\ReportServer\rsreportserver.config

Replace Configuration.Authentication to:

  1. <Authentication>
  2.     <AuthenticationTypes>
  3.         <Custom></Custom>
  4.     </AuthenticationTypes>
  5.     <EnableAuthPersistence>true</EnableAuthPersistence>
  6.     <RSWindowsExtendedProtectionLevel>Off</RSWindowsExtendedProtectionLevel>
  7.     <RSWindowsExtendedProtectionScenario>Proxy</RSWindowsExtendedProtectionScenario>
  8. </Authentication>

Replace Configuration.Extensions.Security to:\
(For the AdminConfiguration.UserName, you may replace the value to your admin user name.)\
(Use need to assess the Report Manager by admin account for kick-up.)

  1. <Security>
  2.     <Extension Name="Forms" Type="Microsoft.Samples.ReportingServices.CustomSecurity.Authorization, Microsoft.Samples.ReportingServices.CustomSecurity" >
  3.         <Configuration>
  4.             <AdminConfiguration>
  5.                 <UserName>admin</UserName>
  6.             </AdminConfiguration>
  7.         </Configuration>
  8.     </Extension>
  9. </Security>

Replace Configuration.Extensions.Authentication to:

  1. <Authentication>
  2.     <Extension Name="Forms" Type="Microsoft.Samples.ReportingServices.CustomSecurity.AuthenticationExtension,Microsoft.Samples.ReportingServices.CustomSecurity" ></Extension>
  3. </Authentication>

Replace Configuration.UI to:\
(Set UseSSL to false if not using SSL)\
(Set <IP> to your report server IP)

  1. <UI>
  2.     <CustomAuthenticationUI>
  3.         <loginUrl>/Pages/UILogon.aspx</loginUrl>
  4.         <UseSSL>True</UseSSL>
  5.     </CustomAuthenticationUI>
  6.     <ReportServerUrl>http://<IP>/ReportServer</ReportServerUrl>
  7. </UI>

🔸\ReportServer\rssrvpolicy.config

Set PermissionSetName="FullTrust" to configuration.mscorlib.security.policy.PolicyLevel.CodeGroup

  1. <CodeGroup
  2.         class="FirstMatchCodeGroup"
  3.         version="1"
  4.         PermissionSetName="FullTrust">

Append following CodeGroup to configuration.mscorlib.security.policy.PolicyLevel\
(Remind: replace <install path> to your install path)

  1. <CodeGroup
  2.         class="UnionCodeGroup"
  3.         version="1"
  4.         Name="SecurityExtensionCodeGroup"
  5.         Description="Code group for the custom security extension"
  6.         PermissionSetName="FullTrust">
  7.     <IMembershipCondition
  8.             class="UrlMembershipCondition"
  9.             version="1"
  10.             Url="<install path>\ReportServer\bin\Microsoft.Samples.ReportingServices.CustomSecurity.dll" />
  11. </CodeGroup>

🔸\ReportServer\web.config

Replace configuration.'system.web'.authentication to:

  1. <authentication mode="Forms">
  2.     <forms loginUrl="logon.aspx" name="sqlAuthCookie" timeout="60" path="/"></forms>
  3. </authentication>
  4. <authorization>
  5.     <deny users="?" ></deny>
  6. </authorization>

🔸\ReportManager\rsmgrpolicy.config

Set PermissionSetName="FullTrust" to configuration.mscorlib.security.policy.PolicyLevel.CodeGroup

  1. <CodeGroup 
  2.         class="FirstMatchCodeGroup"
  3.         version="1"
  4.         PermissionSetName="FullTrust">

Set PermissionSetName="FullTrust" where Description=”This code group grants MyComputer code Execution permission. “

  1. <CodeGroup 
  2.         class="FirstMatchCodeGroup" 
  3.         version="1" 
  4.         PermissionSetName="FullTrust"
  5.         Description="This code group grants MyComputer code Execution permission. ">

🔸\ReportManager\Web.config

Replace configuration.'system.web'.authentication & configuration.'system.web'.identity to:

  1. <authentication mode="Forms" ></authentication>
  2. <identity impersonate="false" ></identity>

Append following to configuration.appSettings\
(If you are using default instance: MSSQLSERVER, the instance name will be RS_MSSQLSERVER)

  1. <add key="ReportServer" value="<Your PC Machine Name>"/>
  2. <add key="ReportServerInstance" value="<Instance Name>"/>