I’ve been tearing my hair out for about 4 hours trying to figure out why my custom Forms Authentication code for SQL Server 2005 Reporting Services isn’t working properly when using a WCF service as a client.
I kept getting errors like "AccessDeniedException" for user = "".
I would call the service like this:
_serviceClient = new Reports.ReportingService2005SoapClient(); Reports.LogonUserRequest request = new Reports.LogonUserRequest(); request.userName = Credentials.UserName; request.password = Credentials.Password; request.authority = Credentials.ModuleKey; Reports.LogonUserResponse response = _serviceClient.LogonUser(request); Reports.FindItemsRequest findRequest = new Reports.FindItemsRequest("/",
Reports.BooleanOperatorEnum.Or, new List<Reports.SearchCondition>()); Reports.FindItemsResponse findResponse = _serviceClient.FindItems(request);
The LogonUser() request would work fine, but the subsequent request would fail because the Username wasn’t found.
I finally figured out that WCF wasn’t persisting the cookies between requests, an issue I quickly corrected by adding allowCookies="true" to my Binding config.
<binding name="ReportingService2005Soap" maxReceivedMessageSize="1000000"
allowCookies="true"> <security mode="None"> <transport clientCredentialType="None" proxyCredentialType="None" realm="" /> <message clientCredentialType="UserName" algorithmSuite="Default" /> </security> </binding>
Silly me for thinking WCF would manage my cookies by default (like it did with .NET 2.0 Web References), nope I have to turn it on… There’s 4 hours of my life I’ll never get back!