June 27, 2009 at 12:05 am
Hi,
I'm using sql server reporting services 2008.From my application I access the reports in the report server via URL in the browser.
I have added the params and credentials for the datasource to pass via URL.The password is sent as clear text.
Is there any method to secure the password and other info?
How to secure these credentials so that the password is encrypted and the users cannot see the password in the URL.
Thanks,
prabha
June 27, 2009 at 7:03 am
If you are using Windows authentication the password is not clear text, another option is to use Enterprise library for your application data access. There are two more option SSL and encrypt your connection string.
Kind regards,
Gift Peddie
June 27, 2009 at 7:17 am
Thanks for your reply
I'm using SQL server authentication and need to supply the credentials for the datasource.Please give me some more details on SSL or anything else
June 27, 2009 at 9:10 am
I have not used it but you need to read the link below to setup your SSL configuration and you also need to go to the location below in you C drive to open and change the RSReportServer.config file and set SecureConnectionLevel value from 0 to 3 being the highest. I am assming you know it is much easier to let Windows take care of security.
C:\Program Files\Microsoft SQL Server\MSRS10.CADDRE\Reporting Services\ReportServer
http://msdn.microsoft.com/en-us/library/ms345223.aspx
Kind regards,
Gift Peddie
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply