How do I workaround this SSRS authentication exception?-Collection of common programming errors

I am trying to implement some custom security code into SSRS 2008 (not R2) to allow for Forms Authentication instead of Windows Authentication. I have based my solution on the Microsoft sample code and have managed to get most of it working absolutely fine. The only area where I’m having problems is when logging onto the actual Report Manager URL.

Issue 1 When using the URL http://localhost/Reports_MSSQL2008/ it doesn’t pick up the UILogon.aspx page that i’ve copied into the /Pages folder (as instructed by the Microsoft example). I have amended the web.config in the ReportManager folder to contain the following:


  

I have tried changing the path to match exact path of the aspx file, but still no joy !!

Issue 2 Because of the issue above, I tried just getting into UILogon and ReportManager via the URL, http://localhost/Reports_MSSQL2008/Pages/UILogon.aspx. This works in that I get to step into my custom code (UILogon.aspx.cs and IAuthorisation / IAuthentication code) and I can see it doing the following:

  • authenticating / authorising the user
  • creating the cookie
  • storing the cookie (sqlAuthCookie) on the response / request cookie container
  • performing the response.redirect to the /Folder.aspx page

Problem is, when the response.redirect comes back into the GetUserInfo() method, the HttpContext.Current.User is null, and there is no cookie anymore. Because of this, a null IIdentity is returned (cant set it to anything else !!) and SSRS throws the error…

Microsoft.ReportingServices.Diagnostics.Utilities.AuthenticationExtensionException:
The Authentication Extension threw an unexpected exception or returned a value that is not valid: identity==null.

For info – when I launch Report Builder / Visual Studio bi proj / the Web Service URL it does exactly what I require and works fine……it’s just the Report Manager thats causing the problem.