How to configure a Sql Server Reporting Services instance to use Basic authentication
Below the steps to follow:
- Open
RSReportServer.config
in a text editor. The file is located at\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer
. - Find
- Copy one of the following XML structures that best fits your needs. The first XML structure provides placeholders for specifying all of the elements, which are described in the next section:
<Authentication> <AuthenticationTypes> <RSWindowsBasic> <LogonMethod>3</LogonMethod> <Realm></Realm> <DefaultDomain></DefaultDomain> </RSWindowsBasic> </AuthenticationTypes> <EnableAuthPersistence>true</EnableAuthPersistence>
If you are using default values, you can copy the minimum element structure:
<AuthenticationTypes>
<RSWindowsBasic/>
</AuthenticationTypes>
- Paste it over the existing entries for .
If you are using multiple authentication types, add just the RSWindowsBasic element but do not delete the entries for
RSWindowsNegotiate
,RSWindowsNTLM
, orRSWindowsKerberos
.
To support the Safari browser, you cannot configure the report server to use multiple authentication types. You must specify only RSWindowsBasic and delete the other entries.
Note that you cannot useCustom
with other authentication types. - Replace empty values for
<Realm>
or<DefaultDomain>
with values that are valid for your environment. - Save the file.
- If you configured a scale-out deployment, repeat these steps for other report servers in the deployment.
- Restart the report server to clear any sessions that are currently open.
Notes
Basic auth type exchanges a base64
encoded password, which assure no protection during the handshake. In order to obtain a good level of security, the whole auth process should only take place behind an SSL secured connection.