Friday, March 9, 2012

permissions

Hi,
I am sending parameters to the report from asp.net.
In my aspx pages I have a permission check where I check whether or not the
user can access the page:
Dim myCurrentUser As PnClassLib.currentUser
If IsNothing(Session("currUserObj")) Then
Page.Response.Redirect("../AccessDenied.aspx")
I want to add the above to rss so that if the user didn't login or if he
doesn't have the right permissions he won't be able to view the report.
Is it possible to do that in rss?
ThanksRS supports login permissions directly, so you could just add the
appropriate permissions.
Another thing you could do is to put an Asp.net page in front of the report,
and do the checking/redirecting or call the report from your asp.netpage...
--
Wayne Snyder, MCDBA, SQL Server MVP
Mariner, Charlotte, NC
www.mariner-usa.com
(Please respond only to the newsgroups.)
I support the Professional Association of SQL Server (PASS) and it's
community of SQL Server professionals.
www.sqlpass.org
"collie" <collie@.discussions.microsoft.com> wrote in message
news:7EC86BD7-099C-448C-841B-409FA4F7294B@.microsoft.com...
> Hi,
> I am sending parameters to the report from asp.net.
> In my aspx pages I have a permission check where I check whether or not
> the
> user can access the page:
> Dim myCurrentUser As PnClassLib.currentUser
> If IsNothing(Session("currUserObj")) Then
> Page.Response.Redirect("../AccessDenied.aspx")
> I want to add the above to rss so that if the user didn't login or if he
> doesn't have the right permissions he won't be able to view the report.
> Is it possible to do that in rss?
> Thanks
>|||Thanks for the reply.
I am redirecting the user to the report from asp.net. In asp.net I check if
the user logged in and who he is and if he has the right permissions he can
select parameters from asp.net and sent them to the report.
The problem is that anyone can cut and paste the address line in the browser
without first having logged in and be able to view the report.
I need to prevent this from happening.
Is it possible in the report itself to add something like this:
Dim myCurrentUser As PnClassLib.currentUser
If IsNothing(Session("currUserObj")) Then
Page.Response.Redirect("../AccessDenied.aspx")
Thanks
"Wayne Snyder" wrote:
> RS supports login permissions directly, so you could just add the
> appropriate permissions.
> Another thing you could do is to put an Asp.net page in front of the report,
> and do the checking/redirecting or call the report from your asp.netpage...
> --
> Wayne Snyder, MCDBA, SQL Server MVP
> Mariner, Charlotte, NC
> www.mariner-usa.com
> (Please respond only to the newsgroups.)
> I support the Professional Association of SQL Server (PASS) and it's
> community of SQL Server professionals.
> www.sqlpass.org
> "collie" <collie@.discussions.microsoft.com> wrote in message
> news:7EC86BD7-099C-448C-841B-409FA4F7294B@.microsoft.com...
> > Hi,
> >
> > I am sending parameters to the report from asp.net.
> > In my aspx pages I have a permission check where I check whether or not
> > the
> > user can access the page:
> > Dim myCurrentUser As PnClassLib.currentUser
> > If IsNothing(Session("currUserObj")) Then
> > Page.Response.Redirect("../AccessDenied.aspx")
> >
> > I want to add the above to rss so that if the user didn't login or if he
> > doesn't have the right permissions he won't be able to view the report.
> >
> > Is it possible to do that in rss?
> >
> > Thanks
> >
>
>

No comments:

Post a Comment