I have spent some time getting Forms Authentication working with 2008 (R2) I have one final problem left that is causing intense frustration...
The working bits:
a) Built and tested the required extension - thanks to a combination of old Microsoft example supplemented by the one from chapter 19 of Teo Lachev's book, supplemented by Brian Lawson's book.
b) used existing user/group structures in the db to implement role level permissions
c) Can now grant rights to usernames and the usernames validated against our db, they can log in fine and run reports.
d) Nice customised login screens that login across the application and Reporting Services with a single login - which was the primary aim after all!
e) can grant rights to folders at group level and granting/revoking those rights adds or removes the folders in ReportManager - all looking wonderful
The last hurdle:
If I grant permissions to a specific username (we use email address as the username) then that user can log in to ReportManager fine and see what they should see, so it seems like the bulk of the authentication and authorisation extension logic is OK.
If I grant the exact same permission to a role, and make a login a member of that role (removing the specific username permission) then they
View Complete Post