Monday, February 28, 2011

Security Overview for Reporting Services in SharePoint Integrated Mode

When you configure a report server to run in SharePoint integrated mode, the report server uses the authentication provider and permissions defined in the SharePoint Web application to control access to report server items and operations.

Windows Integrated Security Using Kerberos

If the SharePoint Web application is configured for Windows Authentication using Kerberos, the connection from the SharePoint Web application to the report server can use the impersonated or delegated credentials of the current Windows user. By using Windows integrated security with Kerberos and identity delegation, you can eliminate the classic "double-hop" issue wherein Windows credentials expire after a single connection

Windows or Forms Authentication and Trusted Accounts

If the SharePoint Web application is configured for Forms authentication or for Windows Authentication using NTLM, the connection to the report server is sent across the network under a predefined trusted account that has permission to impersonate a SharePoint user on the report server.

Reference link for this post: http://msdn.microsoft.com/en-us/library/bb283324.aspx

No comments:

Post a Comment