Yup... I have the same problem. We have java/jsp client who redirects to SSRS 2008 via parameterized Url. The first episode provokes a dialog box that requires a system-username and password (i.e. Windows user, not SS or SSRS user). A "remember" checkbox is also offered. Subsequent redirects do not cause the logon dialog to reappear. Closing the original browser instance and opening a new one will cause the logon dialog to be shown again ("remember" does not really work). If I read correctly, SSRS 2008 does not offer its web pages through IIS any more, so there is nothing to do in administrating IIS, correct? Specifying a Windows user in "Reporting Services Configuration Manager | Execution Account" has no effect.
What entity is hosting "http://host/Reports" and can it be configured to allow anonymous access?