Friday, March 9, 2012

Deploying Report Server behind web servers

We'd like to deploy our report servers behind our web tier in the app tier
in order to prevent our clients from being able to use url access directly.
My main concern has to do with a chance that a client may attempt to alter
the content of report parameters or otherwise probe around.
Our web code is able to forward requests to the report server and render
reports correctly, but toolbar functionality seems to be broken. The web
developer tells me that the toolbar functionality is too stateful, so
paging (as an example) won't work.
Is what we're trying to do (request forwarding) unsupported? Are my fears
regarding exposing the report server in our DMZ unwarranted? If so, I must
be missing something.What about building your own interfaace or getting the Report Stream from
Reporting Webservice to Qrite the Stream to the browser ? There you could
lock down your reporting server and connect to the RS with special lockedup
credentials.
HTH, Jens Suessmeyer.
--
http://www.sqlserver2005.de
--
"JoeA" <joea@.nospam.net> schrieb im Newsbeitrag
news:Xns963D69BAFC14Emailmailcom@.207.46.248.16...
> We'd like to deploy our report servers behind our web tier in the app tier
> in order to prevent our clients from being able to use url access
> directly.
> My main concern has to do with a chance that a client may attempt to alter
> the content of report parameters or otherwise probe around.
> Our web code is able to forward requests to the report server and render
> reports correctly, but toolbar functionality seems to be broken. The web
> developer tells me that the toolbar functionality is too stateful, so
> paging (as an example) won't work.
> Is what we're trying to do (request forwarding) unsupported? Are my fears
> regarding exposing the report server in our DMZ unwarranted? If so, I
> must
> be missing something.|||Thanks for the reply. We have considered that - however we didn't want to
have to recreate all of the goodies in the toolbar.
"Jens Süßmeyer" <Jens@.Remove_this_For_Contacting.sqlserver2005.de> wrote
in news:#1t7uEQRFHA.2136@.TK2MSFTNGP14.phx.gbl:
> What about building your own interfaace or getting the Report Stream
> from Reporting Webservice to Qrite the Stream to the browser ? There
> you could lock down your reporting server and connect to the RS with
> special lockedup credentials.
> HTH, Jens Suessmeyer.
> --
> http://www.sqlserver2005.de
> --
>
Posted by pre at 1:10 AM
Labels: , , , , , , , , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)