Post reply

Apparent Contradiction in SSRS Authentication

  • March 27, 2014 at 4:58 am

    #305820

    Hi,

    I think I've found an apparent contradiction in the SSRS authentication document for SQL Server 2012. Can anybody tell me whether I've misunderstood something or if this, indeed, is a mistake.

    On the RSReportServer Configuration File page (http://msdn.microsoft.com/en-us/library/ms157273.aspx), you get the following descriptions:

    RSWindowsBasic - The server accepts Basic credentials and issues a challenge/response when a connection is made without credentials. Basic authentication passes credentials in the HTTP requests in clear text. If you use Basic authentication, use SSL to encrypt network traffic to and from the report server. To view example configuration syntax for Basic authentication in Reporting Services.

    RSWindowsNTLM - The server accepts NTLM security tokens. If you remove this setting, browser support will be limited for some of the supported browser types.

    However on the Authentication with the Report Server page (http://msdn.microsoft.com/en-us/library/bb283249.aspx), you get the following:

    RSWindowsBasic - Basic authentication is defined in the HTTP protocol and can only be used to authenticate HTTP requests to the report server. Credentials are passed in the HTTP request in base64 encoding. If you use Basic authentication, use Secure Sockets Layer (SSL) to encrypt user account information before it is sent across the network. SSL provides an encrypted channel for sending a connection request from the client to the report server over an HTTP TCP/IP connection.

    RSWindowsNTLM - Uses NTLM for Windows Integrated authentication.

    The credentials will not be delegated or impersonated on other requests. Subsequent requests will follow a new challenge-response sequence. Depending on network security settings, a user might be prompted for credentials or the authentication request will be handled transparently.

    Why does one page say that it's RSWindowsBasic that issues a challenge/response while the other one says that it's RSWindowsNTLM who does that. Am I missing something or is this a Microsoft documentation blunder?

    Any help would be greatly appreciated.

  • March 31, 2014 at 7:45 am

    #1701580

    Anybody? Nobody's come across this before?

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply