I'm starting to set up reports in Reporting Services.  The MS book "SQL Server 2005 Reporting Services" recommends setting up an "application role" for accessing data within the context of the Reporting Services packages.  On first observation, it seems to produce a "workaround" on SQL Server Security.

To me this introduces some problems...

1.  It actually adds more complexity to SQL Server security since the Reporting Services security model does not seem to be tied to SQL Server Security.

2.  As more reports are added, more "report roles" need to be added to restrict access to sensitive reports.

3.  Granted I have not fully researched this but...There does not seem to be a way to use SQL Server security tools and then tell the Reporting Services tool to use Windows Integrated security...when I attempt to do this, I cannot get in through the browser on my pc (even though I have full access priviledges)...only the administrative account on the local SQL server machine appears to be able to get in.  I tried using the prompt for username/password using Windows Integrated security which does work.  However, I do not want to require the user to key in username/password for every single report...clunky!!!

It would appear that managing the data connection/access for Reporting Services will require Application Roles in order to manage security and keep the Reporting Services app from being clunky to the end user.

Just my observation at a very early point on the learning curve.