Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Reply
anupagrawal77
Regular Visitor

Custom Authorization in Power Bi Report Server

‎08-09-2018 10:52 PM

I need to implement custom security in reporting services. I have followed the standard example here:

https://github.com/Microsoft/Reporting-Services/tree/master/CustomSecuritySample



I got authentication to work without too many problems, and it authenticates by querying my custom table. I want to also maintain my authorizations in the same manner. I want to be able to define in my own tables that user test1 has permission to view reports 1, 3, 5, and 8. User test2 can view reports 1,3,5,8, and 9. User test3 can view 1, 2, and 4. Etc.

The authorization extension, contained in my version of Authorization.cs is where I expected to be able to do this. I wanted to be able to write code that queries my own tables and says, "does this user have permission to view this item?" Getting the this user portion is easy as is obvious in the many checkAccess methods. But being able to tell what item I am currently dealing with has proved impossible from the context of Authorization.cs, which implements IAuthorizationExtension. Knowing what type of item I am dealing with is obvious, but I need to know something that uniquely identifies the exact item I am dealing with.

How can I determine in checkAccess or any of the other available methods what "thing" they are looking at? What can I examine to determine that for instance this particular authorization request is against "Report 1"? It seems that if I was allowed to completely override Authentication to use my tables, I should be able to override Authorization to do the same. Is this possible or am I missing something?

Labels:
Message 1 of 2
1,297 Views
0
1 REPLY 1
annucsb
Frequent Visitor

‎12-06-2018 01:09 PM

I have the same issue.  I am trying to get the name of the item from the CheckAccess methods and then use authorization data not stored in in report server database to authorize the request. 

 

Based on this post, it looks like this is no longer possible.  

https://social.technet.microsoft.com/Forums/en-US/f474ba23-7e8d-4c6b-ad41-b2327956226b/sql-2016-repo...

 

Has anyone found a way to get the name of a resource from AceCollection passed to the CheckAccess methods?

Message 2 of 2
1,202 Views
0

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All