Comments (37)
it was so silly mistake
<MachineKey ValidationKey="VALIDATIONKEY" DecryptionKey="DECRIPTIONKEY" Validation="AES" Decryption="AES" />
Check the casing of the attributes, it should be Pascal Casing as the example above
and solved my problem.
from reporting-services.
The Custom Security was applied (as per explanation of the Code) and it worked. However, SSRS has usually two URLs:
The first one is related to the SSRS Web Service on which the custom security worked properly. For instance, the link for a report that works is: http://ssrsserver/reportserver/Pages/ReportViewer.aspx?/Report123&rs:Command=Render&Token=yyy
The problem is the second one, that it doesnt work. I've tried to use the following link:
http://ssrsserver/Reports/report/Report3?rs:Embed=true&token=yyy
then I get the HTTP ERROR 500.
The same URL works with Windows Auth.
Therefore, the Custom Security works properly for SSRS WebService but it does not for the SSRS Portal.
from reporting-services.
-
You might have overwritten some internal dlls of wepportal project or broke something at configuration file.
-
Updating machinekey at reportserver.config didn't work for me. I need to add machine.config to both Microsoft.ReportingServices.Portal.WebHost.exe.config and reportserver\web.config files.
<system.web> <machineKey validationKey=..............."
-
For Power BI Report server writing machine key in PBIRS\ReportServer\web.config and PBIRS\Portal\Microsoft.Samples.ReportingServices.CustomSecurity.dll.config didn't work. Because machinekey element was removed automatically from config files on every service restart, so put machinekey to machine.config file.
from reporting-services.
@spkon for SSRS 2016 can you check the \RSWebApp\Microsoft.ReportingServices.Portal.WebHost.exe.config have the machine key , check the detailed step here
https://github.com/Microsoft/Reporting-Services/tree/master/CustomSecuritySample2016#step-4-some-of-the-other-changes-required-in-the-webconfig-file-and-microsoftreportingservicesportalwebhostexeconfig
from reporting-services.
Double check the instructions, we have tried the same sample with multiple customers with success.
Also you don't need to modify the machine.config at all
from reporting-services.
Double check you only have the MachineKey element in the RSReportServer.config (and only in that file) and check the casing of the attributes.
Also check the keys you have generated, from the error your describe the system is not able to decrypt the cookies using the information you have provided , try generating a new key (for example this article shows how to https://support.microsoft.com/en-us/help/2915218/resolving-view-state-message-authentication-code-mac-errors#appendixa)
from reporting-services.
Would you mind to provide more details about the error
from reporting-services.
You can't have both Custom Auth and Windows Auth simultaneously. When in Custom Auth, your 2 urls won't work. What i did was write 2 batch files to toggle between Custom Auth and Windows Auth:
- Set-to-custom-auth.bat
and - Set-to-windows-auth.bat
Here's the contents of set-to-custom-auth.bat:
@cls
@echo.
@echo.
@echo.
xcopy "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\rsReportServer.2CustomAuth.config" "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\rsreportserver.config" /r /y
xcopy "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\web.2CustomAuth.config" "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\web.config" /r /y
@echo.
pause
Here's the content for set-to-windows-auth.bat:
@cls
@echo.
@echo.
@echo.
xcopy "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\rsReportServer.1WinAuth.config" "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\rsreportserver.config" /r /y
xcopy "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\web.1WinAuth.config" "C:\Program Files\Microsoft Power BI Report Server\PBIRS\ReportServer\web.config" /r /y
@echo.
pause
Right click on the bat files and "run as administrator", and you will be able to configure reports via 2 urls when in windows auth mode, then switch back to custom auth for prod.
Hope that helps,
Brent
from reporting-services.
i'm having the same issue with Reporting Services 2016 the /reportserver works properly but the RSWebApp is not working. I'm getting HTTP 500 after the login.
Here is the WebHost error log:
Microsoft.ReportingServices.Portal.WebHost!reportserverwebapp!3!09/08/2017-08:42:57:: e ERROR: [5wpqfv0s]: ::1: GET - 0:00:00,0063526
Exception: System.Web.HttpException (0x80004005): Unable to validate data.
at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData)
at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket)
at Microsoft.ReportingServices.Portal.WebHost.Common.RsRequestContext..ctor(IOwinContext context, ILogger logger, IFormsAuthInfoProvider formsAuthInfoProvider)
at Microsoft.ReportingServices.Portal.WebHost.Common.RsRequestContext..ctor(IOwinContext context, ILogger logger)
at Microsoft.ReportingServices.Portal.WebHost.Owin.CustomAuthenticationMiddleware.Invoke(IOwinContext context)
at Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware`1.d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at Microsoft.ReportingServices.Portal.WebHost.Owin.RequestLoggingMiddleware.d__0.MoveNext()
Thanks,
Filipe
from reporting-services.
I have the machine key in both files (webhost config and web config) I tried AES and 3DES encryption, still no luck
from reporting-services.
Just to double check, It is the same key across all of the config files?
\ReportServer\web.config
RSWebApp\Microsoft.ReportingServices.Portal.WebHost.exe.config
Typically that error is caused by a mismatch between the key used to encrypt versus the one is used to decrypt
from reporting-services.
Yea It is the same key. Copy-Paste from one file to the other one
from reporting-services.
@jtarquino I can send you the configuration files if needed (just to be sure).
from reporting-services.
@spkon feel free to provide the files and I can take a look
from reporting-services.
My configs:
from reporting-services.
Your key have the property IsolateApps property, please try removing it.
You can find instructions on how to generate the key in https://github.com/Microsoft/Reporting-Services/tree/master/CustomSecuritySample2016#reporting-services-2016
from reporting-services.
It worked. I used IIS to generate the key thats why it came with IsolatedApps.
Thanks!
from reporting-services.
It not working in last release of power bi Version 1.1.6514.9163 (October 2017).
Microsoft developers want put machinekey property to rsreportserver.config
and auto remove machinekey from web.config, Microsoft.ReportingServices.Portal.WebHost.exe.config
https://docs.microsoft.com/ru-ru/sql/reporting-services/extensions/security-extension/how-to-install...
But one of developer forget change search of parameter in new place.
Now you can only put it to machine.config and yes you get problem with other apps/
from reporting-services.
https://docs.microsoft.com/ru-ru/sql/reporting-services/extensions/security-extension/how-to-install link not working!!
from reporting-services.
Are you trying to install the custom security extension, detailed instructions are available here https://github.com/Microsoft/Reporting-Services/blob/master/CustomSecuritySample/README.md
from reporting-services.
NOTE: i am using power bi Version: 2.51.4885.2501 64-bit (October 2017)
by any chance is there any way to make it work
I tried all the steps mentioned in below link
https://github.com/Microsoft/Reporting-Services/blob/master/CustomSecuritySample/README.md
but for WebPortal i am getting internal server error 500.
i tried step 4 and 5 correctly still no luck.
even i tried putting machine key in
%windir%\Microsoft.NET\Framework64[version]\config\machine.config file. still same error
from reporting-services.
power bi Version: 2.51.4885.2501 64-bit (October 2017)
i checked those instruction on my side but still i am facing the same issue.
Note that i have SSRS 2012 installed/configured on my machine is there any chance that this can cause an issue with Power BI reporting server web App?
from reporting-services.
You will have to check the logs to see what is the problem you are having, having another version of SSRS should not be an issue
from reporting-services.
These are the log entries:
RSPortal!reportserverwebapp!RSPortal.exe!3!02/02/2018-12:47:51:: i INFO: Received request GET | RequestID = s_a4edd06d-2891-4b4c-baff-0b6b53f5af70
RSPortal!reportserverwebapp!RSPortal.exe!3!02/02/2018-12:48:12:: i INFO: Received request GET | RequestID = s_875c2e99-f44a-4f61-9754-367bd22178ca
RSPortal!reportserverwebapp!RSPortal.exe!3!02/02/2018-12:48:12:: e ERROR: 10.232.148.138: GET - 0:00:00.0098087
Exception: System.Web.HttpException (0x80004005): Unable to validate data.
at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData)
at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket)
at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.CreateRequestContextFromCookie(IOwinContext context)
at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.CreatePortalIdentity(IOwinContext context)
at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.Invoke(IOwinContext context)
at Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware`1.d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.BIServer.Owin.Common.Middleware.RequestLoggingMiddleWare.d__2.MoveNext() | RequestID = s_875c2e99-f44a-4f61-9754-367bd22178ca
from reporting-services.
My comment in #49 may help too:
#49 (comment)
from reporting-services.
@jtarquino i have created the new Key using mentioned url
as below
<machineKey decryption="AES" decryptionKey="DECRIPTKEY" validation="AES" validationKey="VALIDATIONKEY" />
still giving same error mentioned in Log.
//Reporting service url which work perfectlly fine
http://localhost/ReportServer2k17
//portal url which gives internal server error
http://localhost/Reports2k17
from reporting-services.
@danielnord i tried clearing the encrypted data still no luck!!
from reporting-services.
@ganeshlalasaheblondhe As @jtarquino says it sounds like the keys are wrong. I generated it using IIS and that helped me. Before that my keys was wrong
from reporting-services.
@danielnord using which site you have created that Key because SSRS sites are not present in IIS.
from reporting-services.
@ganeshlalasaheblondhe I only generated the keys within IIS and then pasted them into the decryptionKey and validationKey attributes as I described in #49 (Generate from IIS > Site > Machine Key > Generate keys)
from reporting-services.
I am up against the same thing - Others with same Error
Otherwise it works perfectly - logon page appears, can register and login. But the portal will never display. Fails with Http 500. Error from Log is:
RSPortal!crypto!RSPortal.exe!1!03/30/2018-16:51:34:: i INFO: Importing existing encryption key
RSPortal!reportserverwebapp!RSPortal.exe!3!03/30/2018-16:51:43:: i INFO: Received request GET | RequestID = s_90a5fbcb-e48a-4a4e-accd-9467d85783ac
RSPortal!reportserverwebapp!RSPortal.exe!3!03/30/2018-16:51:43:: e ERROR: ::1: GET - 0:00:00.0341756
Exception: System.Web.HttpException (0x80004005): Unable to validate data.
at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData)
at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket)
at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.CreateRequestContextFromCookie(IOwinContext context)
at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.CreatePortalIdentity(IOwinContext context)
at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.Invoke(IOwinContext context)
at Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware`1.<Invoke>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.BIServer.Owin.Common.Middleware.RequestLoggingMiddleWare.<Invoke>d__2.MoveNext() | RequestID = s_90a5fbcb-e48a-4a4e-accd-9467d85783ac
from reporting-services.
I installed R\Power Bi Report Server - Evaluation, Product Version 15.0.2.378 and I still had to update the machine config to get it to work with the custom security example. So adding the machinekey under system.web in the machine.config file is still required.
from reporting-services.
I have a Custom security module installed with SSRS 2016 and I am able to authenticate to the server correctly.
Now, I would like to use the same cookie to authenticate with another web application on the same server. When authenticating with the other web application first and going to localhost/reports, I get an error. The log file says;
Exception: System.Web.HttpException (0x80004005): Unable to validate data. at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData) at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket) at Microsoft.ReportingServices.Portal.WebHost.Common.RsRequestContext..ctor(IOwinContext context, ILogger logger, IFormsAuthInfoProvider formsAuthInfoProvider) at Microsoft.ReportingServices.Portal.WebHost.Common.RsRequestContext..ctor(IOwinContext context, ILogger logger) at Microsoft.ReportingServices.Portal.WebHost.Owin.CustomAuthenticationMiddleware.Invoke(IOwinContext context) at Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware
1.d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at Microsoft.ReportingServices.Portal.WebHost.Owin.RequestLoggingMiddleware.d__0.MoveNext()`
Below is the machine key settings I have used in three locations;
.\Reporting Services\Reporting\web.config
.\Reporting Services\RSWebApp\Microsoft.ReportingServices.Portal.WebHost.exe.config
My other applications web.config file.
<machineKey validationKey="AE08BB7252822DBEDE9B6C6E2E62A1927FECEA3917393A2E39013717BECC056A09E1668DFFEC7ACDBE1F0CC7EF0949EE58E5F6208F8E87417E1D03D610255D9C" decryptionKey="70206FC0BFFFBA4E5004B97BA82E9796F127A11CFE5F7C28" validation="HMACSHA256" decryption="AES"/>
Any help will be greatly appreciated!
from reporting-services.
it was so silly mistake
<MachineKey ValidationKey="VALIDATIONKEY" DecryptionKey="DECRIPTIONKEY" Validation="AES" Decryption="AES" />
Check the casing of the attributes, it should be Pascal Casing as the example above
and solved my problem.
from reporting-services.
please help me I installed powerBI October 2017 release and i added custom security sample I followed all steps but I am getting Http 500 internal server error
from reporting-services.
Hello
I faced the same issue as you when i set custom authentification with power bi report server, error 500 on web portal unable to valide data (machine key). Report server was working fine.
My machine key was well set but Microsoft didn't say one important thing. After you set a new machine key, don't forget to go to report server configuration manager and in encryption keys tab push delete encrypted content. This step saved my day after several hours of research, i hope it will help you too. No need to modify machine.config and it's not a best practice at all.
from reporting-services.
I am experiencing the same issue on the power BI report server version 2018.0150.1102.371
have tried rsreportserver.config, macine.config with no luck
2019-07-24 13:36:48.0628|ERROR|6| ::1: GET - 0:00:00.0035325
Exception: System.Web.HttpException (0x80004005): Unable to validate data.
at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData)
at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket)
at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.CreateRequestContextFromCookie(IOwinContext context)
at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.CreatePortalIdentity(IOwinContext context)
at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.Invoke(IOwinContext context)
at Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware`1.d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.BIServer.Owin.Common.Middleware.RequestLoggingMiddleWare.d__2.MoveNext()| RequestID = s_571c28dd-1290-4a8a-8e43-4cd2793c779e
from reporting-services.
Related Issues (20)
- Custom authentication extension with Windows authentication HOT 1
- Old Windows Authentication Pop-up Login Keeps Appearing After Time-out
- SSRS Security Extension - how to access HttpContext.Current from IAuthenticationExtension2.GetUserInfo(IRSRequestContext) HOT 1
- SSRS Security extension - how to redirect login from inside GetUserInfo API
- SSRS Security Extension - GetUserInfo API missing cookies in Report Portal requests HOT 1
- Add extra .aspx page HOT 2
- ReportViewer control for .Net core
- Custome auth code- not able to upload pbix file after adding custom auth code in PBI report server HOT 1
- After the CustomSecuritySample runs successfully, the mobile app cannot connect to the Powerbi report server HOT 3
- After using custom forms authentication, how to Embed report in a web application using iframe ?
- Using Report Viewer Controls with Anonymous - rsAuthorizationTokenInvalidOrExpired
- Globals.ReportServerUrl does not reflect which binding the client used
- SSRS no longer understands alternate subject names
- Reports fail to render with my Custom Security Extension applied - 404 error on network resources
- 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed
- FormsAuthentication.RedirectFromLoginPage is Ok but need to refresh page
- Cannot Access Power BI Reports After Implementing CustomSecuritySample. HOT 1
- Reports Shared DataSets Endpoint does not work in the go client generated from swagger.
- Could not able to load the reports for https.
- Is there a way to check the filter parameters passed in the URL? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from reporting-services.