Fatal编程技术网
  • rest/
  • 如何在实现自定义安全性(非SOAP)的情况下调用SSRS Rest Api V1.0

如何在实现自定义安全性(非SOAP)的情况下调用SSRS Rest Api V1.0

rest reporting-services

如何在实现自定义安全性(非SOAP)的情况下调用SSRS Rest Api V1.0,rest,reporting-services,authorization,ssrs-2016,custom-authentication,Rest,Reporting Services,Authorization,Ssrs 2016,Custom Authentication,我已在我的reporting services 2016上实施了自定义安全性,在浏览器URL栏(reports或reportserver)上键入reporting services的URL后,它将显示登录页面 我正在使用以下代码传递凭据 当我在没有安全扩展的情况下使用代码时,它会工作,看起来是这样的 ICredentials _executionCredentials; CredentialCache myCache = new CredentialCache(); Uri reportSer

我已在我的reporting services 2016上实施了自定义安全性,在浏览器URL栏(reports或reportserver)上键入reporting services的URL后,它将显示登录页面

我正在使用以下代码传递凭据 当我在没有安全扩展的情况下使用代码时,它会工作,看起来是这样的

ICredentials _executionCredentials;

CredentialCache myCache = new CredentialCache();
Uri reportServerUri = new Uri(ReportServerUrl);
myCache.Add(new Uri(reportServerUri.GetLeftPart(UriPartial.Authority)),
                 "NTLM", new NetworkCredential(MyUserName, MyUserPassword));
_executionCredentials = myCache;
当我使用带有安全扩展的代码时,它不起作用,看起来是这样的

ICredentials _executionCredentials;
CredentialCache myCache = new CredentialCache();
Uri reportServerUri = new Uri(ReportServerUrl);

myCache.Add(new Uri(reportServerUri.GetLeftPart(UriPartial.Authority)),
                "Basic", new NetworkCredential(MyUserName, MyUserPassword));
_executionCredentials = myCache;
我得到一个异常,说“对这个POST请求的响应没有包含'location'头。当我实际使用这个凭证时,这个客户端不支持这一点

“基本”是错误的选择吗

有人这样做过吗

更新1 事实证明我的SSR正在期待一个授权cookie 我无法通过(根据fiddler的说法,没有饼干)

我就是这样得到它的(SSRS 2017;api v2.0)。我从Fiddler那里得到了“body”的值:

    var handler = new HttpClientHandler();
    var httpClient = new HttpClient(handler);

    Assert.AreEqual(0, handler.CookieContainer.Count);

    // Create a login form
    var body = new Dictionary<string, string>()
    {
        {"__VIEWSTATE", "9cZYKBmLKR3EbLhJvaf1JI7LZ4cc0244Hpcpzt/2MsDy+ccwNaw9hswvzwepb4InPxvrgR0FJ/TpZWbLZGNEIuD/dmmqy0qXNm5/6VMn9eV+SBbdAhSupsEhmbuTTrg7sjtRig==" },
        {"__VIEWSTATEGENERATOR", "480DEEB3"},
        { "__EVENTVALIDATION", "IS0IRlkvSTMCa7SfuB/lrh9f5TpFSB2wpqBZGzpoT/aKGsI5zSjooNO9QvxIh+QIvcbPFDOqTD7R0VDOH8CWkX4T4Fs29e6IL92qPik3euu5QpidxJB14t/WSqBywIMEWXy6lfVTsTWAkkMJRX8DX7OwIhSWZAEbWZUyJRSpXZK5k74jl4x85OZJ19hyfE9qwatskQ=="},
        {"txtUserName",  "User"},
        {"txtPassword", "1"},
        {"btnLogin","Войти"}
    };
    var content = new FormUrlEncodedContent(body);

    // POST to login form
    var response = await httpClient.PostAsync("http://127.0.0.1:777/ReportServer/Logon.aspx", content);

    // Check the cookies created by server
    Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
    var cookies = handler.CookieContainer.GetCookies(new Uri("http://127.0.0.1:777/ReportServer"));
    Assert.AreEqual("sqlAuthCookie", cookies[0].Name);

    // Make new request to secured resource
    var myresponse = await httpClient.GetAsync("http://127.0.0.1:777/Reports/api/v2.0/Folders");

    var stringContent = await myresponse.Content.ReadAsStringAsync();
    Console.Write(stringContent);

var handler=newhttpclienthandler();
var httpClient=新的httpClient(处理程序);
AreEqual(0,handler.CookieContainer.Count);
//创建一个登录表单
var body=newdictionary()
{
{“视图状态”,“9CZYKBMLKR3EBLHJVAF1JI7LZ4CC0244HPPZT/2MsDy+ccwNaw9hswvzwepb4InPxvrgR0FJ/TPZWBLZGNIUD/dmmqy0qXNm5/6VMn9eV+SBbdAhSupsEhmbuTTrg7sjtRig=”,
{uuuu VIEWSTATEGENERATOR”,“480DEEB3},
{“事件验证”、“IS0IRlkvSTMCa7SfuB/lrh9f5TpFSB2wpqBZGzpoT/aKGsI5zSjooNO9QvxIh+QIvcbPFDOqTD7R0VDOH8CWkX4T4Fs29e6IL92qPik3euu5QpidxJB14t/WSQBYWIMEXY6FVTSTWTWKKMJRX8DX7OWIHSWZKWZKWZUYJRS5K744X85OZJ19HYFE9QWATSKQ=”,
{“txtUserName”,“User”},
{“txtPassword”,“1”},
{“btnLogin”,“b砦砦砦砦砦”}
};
var content=新的FormUrlEncodedContent(正文);
//发布到登录表单
var响应=等待httpClient.PostAsync(“http://127.0.0.1:777/ReportServer/Logon.aspx“,内容);
//检查服务器创建的cookie
AreEqual(HttpStatusCode.OK,response.StatusCode);
var cookies=handler.CookieContainer.GetCookies(新Uri(“http://127.0.0.1:777/ReportServer"));
Assert.AreEqual(“sqlAuthCookie”,cookies[0].Name);
//向受保护的资源发出新请求
var myresponse=wait httpClient.GetAsync(“http://127.0.0.1:777/Reports/api/v2.0/Folders");
var stringContent=await myresponse.Content.ReadAsStringAsync();
Console.Write(stringContent);
用户凭据是在您的自定义安全存储库中定义的吗?凭据位于数据库安全存储中。我不认为上面的响应表明SSR中与身份验证或授权相关的任何问题。这更多的是一个RESTAPI协议问题。本文建议以编程方式添加位置标头。-->我看到了,谢谢,我试图实现,但是location属性是只读的。我已经检查了与fiddler的通信,它确实需要一个cookie来通过身份验证。所以现在我需要学习如何通过…斯帕西博·迪米特里!它确实起作用了,现在。。。这就引出了下一个问题,如何正确实现这一点,因为视图状态信息与reporting services的每个实例都相关。。我想登录到不同的服务器,但这是另一个问题。。。这就是你的答案 
    var handler = new HttpClientHandler();
    var httpClient = new HttpClient(handler);

    Assert.AreEqual(0, handler.CookieContainer.Count);

    // Create a login form
    var body = new Dictionary<string, string>()
    {
        {"__VIEWSTATE", "9cZYKBmLKR3EbLhJvaf1JI7LZ4cc0244Hpcpzt/2MsDy+ccwNaw9hswvzwepb4InPxvrgR0FJ/TpZWbLZGNEIuD/dmmqy0qXNm5/6VMn9eV+SBbdAhSupsEhmbuTTrg7sjtRig==" },
        {"__VIEWSTATEGENERATOR", "480DEEB3"},
        { "__EVENTVALIDATION", "IS0IRlkvSTMCa7SfuB/lrh9f5TpFSB2wpqBZGzpoT/aKGsI5zSjooNO9QvxIh+QIvcbPFDOqTD7R0VDOH8CWkX4T4Fs29e6IL92qPik3euu5QpidxJB14t/WSqBywIMEWXy6lfVTsTWAkkMJRX8DX7OwIhSWZAEbWZUyJRSpXZK5k74jl4x85OZJ19hyfE9qwatskQ=="},
        {"txtUserName",  "User"},
        {"txtPassword", "1"},
        {"btnLogin","Войти"}
    };
    var content = new FormUrlEncodedContent(body);

    // POST to login form
    var response = await httpClient.PostAsync("http://127.0.0.1:777/ReportServer/Logon.aspx", content);

    // Check the cookies created by server
    Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
    var cookies = handler.CookieContainer.GetCookies(new Uri("http://127.0.0.1:777/ReportServer"));
    Assert.AreEqual("sqlAuthCookie", cookies[0].Name);

    // Make new request to secured resource
    var myresponse = await httpClient.GetAsync("http://127.0.0.1:777/Reports/api/v2.0/Folders");

    var stringContent = await myresponse.Content.ReadAsStringAsync();
    Console.Write(stringContent);