Web Portal not working about reporting-services HOT 37 CLOSED

it was so silly mistake

<MachineKey ValidationKey="VALIDATIONKEY" DecryptionKey="DECRIPTIONKEY" Validation="AES" Decryption="AES" />

Check the casing of the attributes, it should be Pascal Casing as the example above
and solved my problem.

from reporting-services.

The Custom Security was applied (as per explanation of the Code) and it worked. However, SSRS has usually two URLs:

1. http://ssrsserver/reportserver
2. http://ssrsserver/reports

The first one is related to the SSRS Web Service on which the custom security worked properly. For instance, the link for a report that works is: http://ssrsserver/reportserver/Pages/ReportViewer.aspx?/Report123&rs:Command=Render&Token=yyy

The problem is the second one, that it doesnt work. I've tried to use the following link:
http://ssrsserver/Reports/report/Report3?rs:Embed=true&token=yyy
then I get the HTTP ERROR 500.

The same URL works with Windows Auth.

Therefore, the Custom Security works properly for SSRS WebService but it does not for the SSRS Portal.

from reporting-services.

• You might have overwritten some internal dlls of wepportal project or broke something at configuration file.

• Updating machinekey at reportserver.config didn't work for me. I need to add machine.config to both Microsoft.ReportingServices.Portal.WebHost.exe.config and reportserver\web.config files.
  <system.web> <machineKey validationKey=..............."

• For Power BI Report server writing machine key in PBIRS\ReportServer\web.config and PBIRS\Portal\Microsoft.Samples.ReportingServices.CustomSecurity.dll.config didn't work. Because machinekey element was removed automatically from config files on every service restart, so put machinekey to machine.config file.

from reporting-services.

@spkon for SSRS 2016 can you check the \RSWebApp\Microsoft.ReportingServices.Portal.WebHost.exe.config have the machine key , check the detailed step here
https://github.com/Microsoft/Reporting-Services/tree/master/CustomSecuritySample2016#step-4-some-of-the-other-changes-required-in-the-webconfig-file-and-microsoftreportingservicesportalwebhostexeconfig

from reporting-services.

Double check the instructions, we have tried the same sample with multiple customers with success.

Also you don't need to modify the machine.config at all

from reporting-services.

Double check you only have the MachineKey element in the RSReportServer.config (and only in that file) and check the casing of the attributes.
Also check the keys you have generated, from the error your describe the system is not able to decrypt the cookies using the information you have provided , try generating a new key (for example this article shows how to https://support.microsoft.com/en-us/help/2915218/resolving-view-state-message-authentication-code-mac-errors#appendixa)

from reporting-services.

Would you mind to provide more details about the error

from reporting-services.

You can't have both Custom Auth and Windows Auth simultaneously. When in Custom Auth, your 2 urls won't work. What i did was write 2 batch files to toggle between Custom Auth and Windows Auth:

1. Set-to-custom-auth.bat
   and
2. Set-to-windows-auth.bat

Here's the contents of set-to-custom-auth.bat:
@cls
@echo.
@echo.
@echo.
xcopy "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\rsReportServer.2CustomAuth.config" "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\rsreportserver.config" /r /y
xcopy "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\web.2CustomAuth.config" "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\web.config" /r /y

@echo.
pause

Here's the content for set-to-windows-auth.bat:
@cls
@echo.
@echo.
@echo.
xcopy "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\rsReportServer.1WinAuth.config" "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\rsreportserver.config" /r /y
xcopy "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\web.1WinAuth.config" "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\web.config" /r /y
@echo.
pause

Right click on the bat files and "run as administrator", and you will be able to configure reports via 2 urls when in windows auth mode, then switch back to custom auth for prod.

Hope that helps,

Brent

from reporting-services.

i'm having the same issue with Reporting Services 2016 the /reportserver works properly but the RSWebApp is not working. I'm getting HTTP 500 after the login.
Here is the WebHost error log:

Microsoft.ReportingServices.Portal.WebHost!reportserverwebapp!3!09/08/2017-08:42:57:: e ERROR: [5wpqfv0s]: ::1: GET - 0:00:00,0063526
Exception: System.Web.HttpException (0x80004005): Unable to validate data.
at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData)
at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket)
at Microsoft.ReportingServices.Portal.WebHost.Common.RsRequestContext..ctor(IOwinContext context, ILogger logger, IFormsAuthInfoProvider formsAuthInfoProvider)
at Microsoft.ReportingServices.Portal.WebHost.Common.RsRequestContext..ctor(IOwinContext context, ILogger logger)
at Microsoft.ReportingServices.Portal.WebHost.Owin.CustomAuthenticationMiddleware.Invoke(IOwinContext context)
at Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware`1.d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at Microsoft.ReportingServices.Portal.WebHost.Owin.RequestLoggingMiddleware.d__0.MoveNext()

Thanks,
Filipe

from reporting-services.

I have the machine key in both files (webhost config and web config) I tried AES and 3DES encryption, still no luck

from reporting-services.

Just to double check, It is the same key across all of the config files?
\ReportServer\web.config
RSWebApp\Microsoft.ReportingServices.Portal.WebHost.exe.config

Typically that error is caused by a mismatch between the key used to encrypt versus the one is used to decrypt

from reporting-services.

Yea It is the same key. Copy-Paste from one file to the other one

from reporting-services.

@jtarquino I can send you the configuration files if needed (just to be sure).

from reporting-services.

@spkon feel free to provide the files and I can take a look

from reporting-services.

My configs:

configs.zip

from reporting-services.

Your key have the property IsolateApps property, please try removing it.
You can find instructions on how to generate the key in https://github.com/Microsoft/Reporting-Services/tree/master/CustomSecuritySample2016#reporting-services-2016

from reporting-services.

It worked. I used IIS to generate the key thats why it came with IsolatedApps.

Thanks!

from reporting-services.

It not working in last release of power bi Version 1.1.6514.9163 (October 2017).
Microsoft developers want put machinekey property to rsreportserver.config
and auto remove machinekey from web.config, Microsoft.ReportingServices.Portal.WebHost.exe.config
https://docs.microsoft.com/ru-ru/sql/reporting-services/extensions/security-extension/how-to-install...

But one of developer forget change search of parameter in new place.
Now you can only put it to machine.config and yes you get problem with other apps/

from reporting-services.

https://docs.microsoft.com/ru-ru/sql/reporting-services/extensions/security-extension/how-to-install link not working!!

from reporting-services.

Are you trying to install the custom security extension, detailed instructions are available here https://github.com/Microsoft/Reporting-Services/blob/master/CustomSecuritySample/README.md

from reporting-services.

NOTE: i am using power bi Version: 2.51.4885.2501 64-bit (October 2017)
by any chance is there any way to make it work

I tried all the steps mentioned in below link
https://github.com/Microsoft/Reporting-Services/blob/master/CustomSecuritySample/README.md
but for WebPortal i am getting internal server error 500.
i tried step 4 and 5 correctly still no luck.
even i tried putting machine key in

%windir%\Microsoft.NET\Framework64[version]\config\machine.config file. still same error

from reporting-services.

power bi Version: 2.51.4885.2501 64-bit (October 2017)

i checked those instruction on my side but still i am facing the same issue.
Note that i have SSRS 2012 installed/configured on my machine is there any chance that this can cause an issue with Power BI reporting server web App?

from reporting-services.

You will have to check the logs to see what is the problem you are having, having another version of SSRS should not be an issue

from reporting-services.

These are the log entries:

RSPortal!reportserverwebapp!RSPortal.exe!3!02/02/2018-12:47:51:: i INFO: Received request GET | RequestID = s_a4edd06d-2891-4b4c-baff-0b6b53f5af70
RSPortal!reportserverwebapp!RSPortal.exe!3!02/02/2018-12:48:12:: i INFO: Received request GET | RequestID = s_875c2e99-f44a-4f61-9754-367bd22178ca
RSPortal!reportserverwebapp!RSPortal.exe!3!02/02/2018-12:48:12:: e ERROR: 10.232.148.138: GET - 0:00:00.0098087
Exception: System.Web.HttpException (0x80004005): Unable to validate data.
at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData)
at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket)
at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.CreateRequestContextFromCookie(IOwinContext context)
at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.CreatePortalIdentity(IOwinContext context)
at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.Invoke(IOwinContext context)
at Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware`1.d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.BIServer.Owin.Common.Middleware.RequestLoggingMiddleWare.d__2.MoveNext() | RequestID = s_875c2e99-f44a-4f61-9754-367bd22178ca

from reporting-services.

My comment in #49 may help too:
#49 (comment)

from reporting-services.

@jtarquino i have created the new Key using mentioned url
as below

    <machineKey decryption="AES" decryptionKey="DECRIPTKEY" validation="AES" validationKey="VALIDATIONKEY" />

still giving same error mentioned in Log.

//Reporting service url which work perfectlly fine
http://localhost/ReportServer2k17

//portal url which gives internal server error
http://localhost/Reports2k17

from reporting-services.

@danielnord i tried clearing the encrypted data still no luck!!

from reporting-services.

@ganeshlalasaheblondhe As @jtarquino says it sounds like the keys are wrong. I generated it using IIS and that helped me. Before that my keys was wrong

from reporting-services.

@danielnord using which site you have created that Key because SSRS sites are not present in IIS.

from reporting-services.

@ganeshlalasaheblondhe I only generated the keys within IIS and then pasted them into the decryptionKey and validationKey attributes as I described in #49 (Generate from IIS > Site > Machine Key > Generate keys)

from reporting-services.

I am up against the same thing - Others with same Error

Otherwise it works perfectly - logon page appears, can register and login. But the portal will never display. Fails with Http 500. Error from Log is:

RSPortal!crypto!RSPortal.exe!1!03/30/2018-16:51:34:: i INFO: Importing existing encryption key
RSPortal!reportserverwebapp!RSPortal.exe!3!03/30/2018-16:51:43:: i INFO: Received request GET  | RequestID = s_90a5fbcb-e48a-4a4e-accd-9467d85783ac 
RSPortal!reportserverwebapp!RSPortal.exe!3!03/30/2018-16:51:43:: e ERROR:  ::1: GET  - 0:00:00.0341756
Exception: System.Web.HttpException (0x80004005): Unable to validate data.
   at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData)
   at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket)
   at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.CreateRequestContextFromCookie(IOwinContext context)
   at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.CreatePortalIdentity(IOwinContext context)
   at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.Invoke(IOwinContext context)
   at Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware`1.<Invoke>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.BIServer.Owin.Common.Middleware.RequestLoggingMiddleWare.<Invoke>d__2.MoveNext() | RequestID = s_90a5fbcb-e48a-4a4e-accd-9467d85783ac 

from reporting-services.

I installed R\Power Bi Report Server - Evaluation, Product Version 15.0.2.378 and I still had to update the machine config to get it to work with the custom security example. So adding the machinekey under system.web in the machine.config file is still required.

from reporting-services.

I have a Custom security module installed with SSRS 2016 and I am able to authenticate to the server correctly.

Now, I would like to use the same cookie to authenticate with another web application on the same server. When authenticating with the other web application first and going to localhost/reports, I get an error. The log file says;
Exception: System.Web.HttpException (0x80004005): Unable to validate data. at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData) at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket) at Microsoft.ReportingServices.Portal.WebHost.Common.RsRequestContext..ctor(IOwinContext context, ILogger logger, IFormsAuthInfoProvider formsAuthInfoProvider) at Microsoft.ReportingServices.Portal.WebHost.Common.RsRequestContext..ctor(IOwinContext context, ILogger logger) at Microsoft.ReportingServices.Portal.WebHost.Owin.CustomAuthenticationMiddleware.Invoke(IOwinContext context) at Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware1.d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at Microsoft.ReportingServices.Portal.WebHost.Owin.RequestLoggingMiddleware.d__0.MoveNext()`

Below is the machine key settings I have used in three locations;
.\Reporting Services\Reporting\web.config
.\Reporting Services\RSWebApp\Microsoft.ReportingServices.Portal.WebHost.exe.config
My other applications web.config file.
<machineKey validationKey="AE08BB7252822DBEDE9B6C6E2E62A1927FECEA3917393A2E39013717BECC056A09E1668DFFEC7ACDBE1F0CC7EF0949EE58E5F6208F8E87417E1D03D610255D9C" decryptionKey="70206FC0BFFFBA4E5004B97BA82E9796F127A11CFE5F7C28" validation="HMACSHA256" decryption="AES"/>
Any help will be greatly appreciated!

from reporting-services.

it was so silly mistake

<MachineKey ValidationKey="VALIDATIONKEY" DecryptionKey="DECRIPTIONKEY" Validation="AES" Decryption="AES" />

Check the casing of the attributes, it should be Pascal Casing as the example above
and solved my problem.

from reporting-services.

please help me I installed powerBI October 2017 release and i added custom security sample I followed all steps but I am getting Http 500 internal server error

from reporting-services.

Hello
I faced the same issue as you when i set custom authentification with power bi report server, error 500 on web portal unable to valide data (machine key). Report server was working fine.

My machine key was well set but Microsoft didn't say one important thing. After you set a new machine key, don't forget to go to report server configuration manager and in encryption keys tab push delete encrypted content. This step saved my day after several hours of research, i hope it will help you too. No need to modify machine.config and it's not a best practice at all.

from reporting-services.

I am experiencing the same issue on the power BI report server version 2018.0150.1102.371
have tried rsreportserver.config, macine.config with no luck
2019-07-24 13:36:48.0628|ERROR|6| ::1: GET - 0:00:00.0035325
Exception: System.Web.HttpException (0x80004005): Unable to validate data.
at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData)
at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket)
at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.CreateRequestContextFromCookie(IOwinContext context)
at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.CreatePortalIdentity(IOwinContext context)
at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.Invoke(IOwinContext context)
at Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware`1.d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.BIServer.Owin.Common.Middleware.RequestLoggingMiddleWare.d__2.MoveNext()| RequestID = s_571c28dd-1290-4a8a-8e43-4cd2793c779e

from reporting-services.