Hiding or Encrypting parameter value in report server url
-
Hi ,
I'm accessing the reports from my web application by forming the url like below
http://localhost/reportserver?/TestReports/Report1&WO_Id=1
where WO_Id is the report parameter.
Now in the address bar of the report server user can easily change the parameter value and they can able to see the report for other values.
I like to restrict that.
Kindly help me to solve this issue
-----------------------------------------------------------------------------------------------------------------------------------------------------------
Please feel free to let me know if you are not clear or I’ve misunderstood anything.Thanks,
Arunkumar S P
-
Hi,
I have got the same problem with my reports now,
Please let me know if you got or find any solution for this.
your help will be greatly appreciated.
Thanks
Lakki
-
Hi,
if you can change the query of your report and the table it queries isn't to big, you can try to hide the easily guessed value for your parameter in a hash function like so:
declare @id int = 1;select cast(HASHBYTES('MD5',CAST(@id as nvarchar(50)) )as bigint) as ID_HASH
The problem is, that you have to compare it in your WHERE clause against hash values for all rows of your column, which can be quite an overhead...
Lars
- Arunkumar S P - Tuesday, July 21, 2009 8:08 AM
I have this same issue did you find a solution? Thanks for any insight you can give.
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply