Web Service Authentication

You can use either Windows Authentication or Basic authentication to authenticate the calls made to the Report Server Web service. Any client that makes SOAP requests to the report server must implement the client portion of one of the supported authentication protocols. If you are using the Microsoft .NET Framework, you can use the managed code HTTP classes to implement authentication. Using these APIs makes it easy to send authentication information along with the SOAP requests.

If you do not have appropriate credentials before you make a call to the Report Server Web service, the call fails. At run time, you can pass credentials to the Web service by setting the Credentials property of the client-side object that represents the Web service before you call its methods.

Note

The authentication method that you use depends on the security settings for your report server virtual directory in Microsoft Internet Information Services (IIS). For more information about virtual directory security, see the IIS documentation.

The following sections contain example code that sends credentials using the .NET Framework.

Windows Authentication

The following code passes Windows credentials to the Web service.

 [Visual Basic]
Dim rs As New ReportingService()
rs.Credentials = System.Net.CredentialCache.DefaultCredentials
ReportingService rs = new ReportingService();
rs.Credentials = System.Net.CredentialCache.DefaultCredentials;

Basic Authentication

The following code passes Basic credentials to the Web service.

Dim rs As New ReportingService()
rs.Credentials = New System.Net.NetworkCredential("username", "password", "domain")
ReportingService service = new ReportingService();
service.Credentials = new System.Net.NetworkCredential("username", "password", "domain");

The credentials must be set before you call any of the methods of the Report Server Web service. If you do not set the credentials, you receive the error code an HTTP 401 Error: Access Denied. You must authenticate the service before you use it, but after you have set the credentials, you do not need to set them again as long as you continue to use the same service variable (such as rs).

Custom Authentication

Reporting Services includes a programming API that provides developers with the opportunity to design and develop custom authentication extensions, known as security extensions. For more information, see Implementing a Security Extension.

See Also

Other Resources

Building Applications Using the Web Service and the .NET Framework
Report Server Web Service

Help and Information

Getting SQL Server 2005 Assistance