Integrated Security can only be used in two contexts: when inside Visual Studio (which, since it is a Windows Application, can directly use your network token to connect to the remote database), or when IIS and SQL Server are on the same production machine. Lesson 3: Credential Delegation/Impersonation ("Double Hop") You should be able to use a different SQL Server account in production than in development, but I had occasional problems I couldn't explain when I tried to do so. When using SQL Server authentication, I found it was also best if there was a SQL Server login account with the same user name on my dev database as well as the production database. You can check by right-clicking the connection in Server Explorer and choosing “properties.” If you're using a SQL Server account, you'll see a user name if using Integrated Security, the user name will not appear. I could then make a fresh connection to the database using the credentials I wanted. The CR designer caches database connection information, so I have found it best to completely delete all current connections and then exit and reopen Visual Studio before designing my report. If you will be using a SQL Server account in production, it is very important that you use this account's credentials to connect to the database during the design phase. This means that if you design your report using Integrated Security, you must supply a domain user's credentials in code to log on to the SQL Server (you can change the user, but it must be a domain account). The Crystal Reports engine cannot switch from Integrated Security to SQL Server security. Lesson 2: Only One Security Model Allowed The security method you choose at this point is the security method you must use when you generate your report, as we'll see in Lesson 2. This means you must apply logon information to each table at runtime as shown in Eric's article. The password is only used to establish the database connection. Even though you must enter a password at this stage, the password information is not stored within the report file for security reasons. This information in these textboxes can only be used for SQL Server authentication. You cannot enter another domain account in the user ID and password boxes and connect using those credentials via Windows Authentication. If you choose to enter a user ID and password, VS will connect using SQL Server authentication. If you choose Integrated Security, Visual Studio will use your credentials to connect to the SQL Server database via Windows Authentication. Your choices are to use Integrated Security or to enter a user ID and password. When you begin to design your report, you are prompted to connect to the SQL Server database when you choose an OLEDB connection (CR.NET doesn't use ADO.NET, and ODBC requires a system DSN). Lesson 1: Integrated or SQL Server Security I probably created this report 20 different ways, testing various options, and here's what I found. I created a stored procedure that was just a simple SELECT statement, and used this stored procedure as my report source (“pull“ method). To replicate the problem, I used an ASP.NET project connecting to either a remote production SQL Server database or a copy of the same database on my development machine (SQL Server Developer Edition). I had a suspicion that impersonation and the “double hop“ (where the ASP.NET application cannot pass the user's credentials) may play a role in this problem, since the methods in Eric's article don't solve the problem for every user it should. Since I use the “push” method (generating an ADO.NET dataset first, then setting the report's DataSource), I never saw this error, but I decided to try and replicate the problem to see why this was happening-it seems to be a popular error. NET,” Eric Landes points out that he sees questions regarding the “Exception Details: : Logon failed” message quite often in the newsgroups. In his “Troubleshooting Database Login Errors using Crystal Reports with.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |