 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
SQL Server Forum / Services / Reporting Services / March 2005Customer Accounts Report
I am on security doubt on how to design a report that must show the accounts of a customer. I have an aspx page showing the customer info , then he must push a button a see its accounts on a report generated by Reporting Services. Obviously the report can not be accesed via a Customer parameters because another users could see any customer 's accounts. How can i solve it. I am thinking in generating a temp table with a random id an pass it by parameter, but it is only so as to reduce an intruder access. Thanks Hi Fernando, If you are using ASP.NET you have more than one option: 1.- Storing in Sessions variables 2.- Using QueryString 3.- Using Server side code (static variables) 4.- Change the report viewer (passsing SOAP params) The fact is the report params does not to be part of the URL you can easily hide them using multiples techniques, depends how your app is designed you may use some of them. Thanks Jerry -- You can use this example to show you how to call the report params. http://www.rdlcomponents.com/ASPExamples/Default.aspx?sm=b1_a > I am on security doubt on how to design a report that must show the accounts > of a customer. [quoted text clipped - 8 lines] > > Thanks Thats true we have multiples techniques to pass parameters but not to avoid access to those public parameters. When a report is deployed , anyone (authenticated) can access to the report and can access a report via URL and with the posibility of changing any parameter value via URL. That 's what i want to avoid. I am trying to investigate doing it with a DataProcessingExtension Thanks. > Hi Fernando, > [quoted text clipped - 27 lines] > > > > Thanks Check out this link: http://www.codeproject.com/useritems/SQLRSViewer.asp#TheCodeBehind It's an ASP.NET app that lets you recreate the entire look of the report viewer. It also give you flexibilty in what you feed the report. I was able to use this program and feed in my own parameters. The report will display and no parameters are visible in the URL. Look for the variable 'reportParameterValues2' in the code. It's a array that stores the parameters for your report. Hope this helps, or at least gets you started. > Thats true we have multiples techniques to pass parameters but not to avoid > access to those public parameters. [quoted text clipped - 37 lines] > > > > > > Thanks Yes, i previously took a look a this project, but that is another client solution wher you can pass parameters to a public report. > Check out this link: > [quoted text clipped - 52 lines] > > > > > > > > Thanks Ok. I decided to write some sample code for the solution i was thinking about generating a temp table with a random id an pass it by parameter, or something like this. I 'll publish it in somewhere. I 'll go on writing on my blog http://msdevelopers.blogspot.com/2005/03/reporting-services-filtering.html Fernando Hunth Senior Developer Huddle Group S.A. fernando@huddle.com.ar Huddle Group S.A. | Enterprise Technology Services Microsoft Certified Partner Ciudad de Buenos Aires · Argentina www.huddle.com.ar > I am on security doubt on how to design a report that must show the accounts > of a customer. [quoted text clipped - 8 lines] > > Thanks |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2009 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.