Ref: http://support.microsoft.com/kb/842419/en-us
How to grant permissions to a custom assembly that is referenced in a report in Reporting Services
Article ID | : | 842419 |
Last Review | : | April 3, 2007 |
Revision | : | 2.1 |
On This Page
SUMMARY
This article describes a problem that occurs when you access a custom assembly in your report that does not have sufficient permissions on the resources in your environment. The article also provides steps to grant permissions to the custom assemblies that are used in the reports. To do this, follow these steps:
1. | Assert permissions in your custom assembly. |
2. | Make the custom assembly available to Report Designer and to Report Server. |
3. | Reference the custom assembly in your report. |
4. | Modify the code access security settings for your custom assembly. |
INTRODUCTION
Reports that access custom assemblies may not render successfully if the custom assemblies do not have sufficient permissions. This article describes how to modify the policy configuration files to grant additional permissions to a custom assembly that is accessed by a report.
MORE INFORMATION
After you create a custom assembly by using the Microsoft .NET Framework, and then you access the custom assembly in your report and preview the report in Report Designer, the report may not render successfully. However, if you run the same report in DebugLocal mode in Report Designer or if you view the report by using Report Manager, the following error may be rendered in the report instead of the output of the referenced custom assembly:
Note If you preview the report in Report Designer, the report runs all the report expressions by using the FullTrust permission set. The report does not use the security policy settings.
To grant the required permissions to a custom assembly, follow these steps:
Note The examples provided in this section use C# code.
For example, if you access data in Microsoft SQL Server tables by using the "System.Data.SQLClient" namespace in your custom assembly, you must add the following code to your custom assembly before you use the "System.Data.SQLClient" namespace:
After you access the custom assembly in your report and you run the report in DebugLocal mode, the report renders successfully.
Additionally, you may receive an error message that is similar to the following in Report Designer when you run the report in DebugLocal mode:
Request for the permission of type System.Security.Permissions.FileIOPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.
This problem may occur when the custom assemblies that are referenced in your report do not have sufficient permissions. Note If you preview the report in Report Designer, the report runs all the report expressions by using the FullTrust permission set. The report does not use the security policy settings.
To grant the required permissions to a custom assembly, follow these steps:
1. | Assert permissions in your custom assembly. |
2. | Make the custom assembly available to Report Designer and to Report Server. |
3. | Reference the custom assembly in your report. |
4. | Modify the code access security settings for your custom assembly. |
Assert permissions in your custom assembly
To acquire the required permissions to run the code in your custom assembly, you must assert the required permissions in your custom assembly code.Note The examples provided in this section use C# code.
For example, if you access data in Microsoft SQL Server tables by using the "System.Data.SQLClient" namespace in your custom assembly, you must add the following code to your custom assembly before you use the "System.Data.SQLClient" namespace:
System.Data.SqlClient.SqlClientPermission pSql = new SqlClientPermission(System.Security.Permissions.PermissionState.Unrestricted);
pSql.Assert();
If you access a file in your custom assembly, you must add the following code to your custom assembly before you access the file:
FileIOPermission filePerm = new FileIOPermission(FileIOPermissionAccess.Read, "C:\TestFile");
filePerm.Assert();
Similarly, if you access a Web service in your custom assembly, you must add code that is similar to the following to assert the Web permissions:
System.Text.RegularExpressions.Regex urlRegEx = new System.Text.RegularExpressions.Regex(@"http://www\.webcontinuum\.net/.*");
System.Net.WebPermission p = new System.Net.WebPermission(NetworkAccess.Connect,urlRegEx);
p.Assert();
For more information about asserting permissions in your custom assembly, visit the following MSDN Web site:
http://msdn2.microsoft.com/en-us/library/aa179495(SQL.80).aspx (http://msdn2.microsoft.com/en-us/library/aa179495(SQL.80).aspx)
Make the custom assembly available to Report Designer and to Report Server
To make your custom assembly available to Report Designer and to Report Server, you must copy the custom assembly to the following folders:• | Installation Drive:\Program Files\Microsoft SQL Server\80\Tools\Report Designer |
• | Installation Drive:\Program Files\Microsoft SQL Server\MSSQL\Reporting Services\ReportServer\bin |
Reference the custom assembly in your report
To reference a custom assembly in your report, follow these steps:1. | Open the report project in Microsoft Visual Studio .NET 2003. |
2. | Open the report that must reference the custom assembly. |
3. | On the Report menu, click Report Properties. |
4. | In the Report Properties dialog box, click the References tab. |
5. | Under References, click the ellipsis button that is next to the Assembly name column header. |
6. | In the Add References dialog box, click Browse. |
7. | In the Select Component dialog box, locate and click your custom assembly, and then click Open. |
8. | In the Add References dialog box, click OK. |
9. | In the Report Properties dialog box, click OK. |
Modify the code access security settings for your custom assembly
To grant the required permissions to the custom assembly, you must modify the code access security settings in the policy configuration files that correspond to Report Designer and to Report Server. To do this, follow these steps:1. | Create the permission set element and the code group element for your custom assembly that specifies the required permissions. To do this, follow these steps:
|
||||||||||||||||||||||||||||||||||||||||||||
2. | Add the permission set and the code group that correspond to your custom assembly in the security policy configuration files for your report server. To do this, follow these steps:
|
REFERENCES
For more information about code access security in Reporting Services, visit the following MSDN Web site:
http://msdn2.microsoft.com/en-us/library/aa902638(SQL.80).aspx (http://msdn2.microsoft.com/en-us/library/aa902638(SQL.80).aspx)
For more information about the using custom assemblies with reports in Reporting Services, visit the following MSDN Web site:
http://msdn2.microsoft.com/en-us/library/aa179513(SQL.80).aspx (http://msdn2.microsoft.com/en-us/library/aa179513(SQL.80).aspx)
For more information about debugging the custom assemblies in Reporting Services, visit the following MSDN Web site:
http://msdn2.microsoft.com/en-us/library/aa179526(SQL.80).aspx (http://msdn2.microsoft.com/en-us/library/aa179526(SQL.80).aspx)