I am exploring power bi embedded and on premises report server.
I like the report server as it can be customized with our company colors and logo...
I installed it on a VM in Azure that is not connected to our AD (stand alone server).
I deployed my report that is using Azure Analysis service tabular cube as data source with RLS...
I managed to get the report show just after I set up BASIC username password authentication to the data source as the VM is not part of our AD. (Please don’t suggest to connect it to AD as I will have a problem to use IIS on public network)
in such when I use Username() function in Power bi I always get the user account that is used above for the data source authentication. As it is basic authentication and not windows authentication, I cannot use impersonate.
I want to share those report with customers and filter the report per the customer table.
I don’t want to have every customer user as guest user in our AD for RLS, when the ideal will be one set of username and password for each customer. It will need to be opened in iFrame in another website that handle the customer authentication.
customers login with username that is NOT an Email and there for I cannot use such as RLS roll.
The way I think doing it is to take the username from the SESSION and open report server in iFrame with a dynamic filter based on the SESSION username.
user Liorh logged in to the site.
when open the the report page I will open the report from report server with filter customer=consto for showing just consto data.
is there anyway to prevent the customer from taking such filter from the browser source code and change it to view other customer data?
is there a way to connect from stand alone report server to Azure Analysis service using windows authentication if the server is not connected to the AD forest? (I think Kerberos not work for Azure Analysis service)
Is there a way in DAX to get the session user (the one that logged in to the web page and not the one that is used to connect to the cube)?