Teun.ToString()

by Teun Duynstee [Macaw]

<October 2008>
SuMoTuWeThFrSa
2829301234
567891011
12131415161718
19202122232425
2627282930311
2345678

Navigation

Subscriptions

News

I discontinued this blog. I now post at: www.TeunToString.net



Download Finch PocketBlogger

Post Categories

Article Categories



Setting CAS to use our Reporting Services data extension

This post refers to my article on reporting with Reporting Services over WSS Lists.

The extension presented in the article works fine in the Report Designer in Visual Studio, but it turns out that deploying it to the server requires some extra work. A problem you will encounter is that when you try to access your report through the Reporting Services website, it will give you an error like this:

Reporting Services Error

  • An error has occurred during report processing. (rsProcessingAborted) Get Online Help
    • Query execution failed for data set 'dataset_name'. (rsErrorExecutingCommand) Get Online Help
      • Request for the permission of type System.Net.WebPermission, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.

The problem here is that the Reporting Services engine does not trust our extension code. For more on Code Access Security in .NET, check out this MSDN article. We can tell it to trust our dll by editing the file rssrvpolicy.config that you will find in the C:\Program Files\Microsoft SQL Server\MSSQL\Reporting Services\ReportServer directory. It contains XML defining a number of CodeGroups and their corresponding trust levels. We just add this code snippet at the end of the list of CodeGroups:

Note that we specifiy our exact dll to be trusted. For new extensions you may add, you'll have to add these to the list of CodeGroups as well.

The FullTrust level is rather crude of course. You could define another named permission set that has exactly the required permissions for this extension (network access).

Also: I chose to specify which code to trust using the file location (UrlMembershipCondition). Some people say you'd better sign your assembly with a strong name and trust the strong name (StrongNameMembershipCondition). I am not a very big fan of strong naming and I would suggest resorting to this way only if you really need it. After all: people who can replace your dll in the bin directory can probably also tamper with the rssrvpolicy.config file. More on what's wrong with strong naming.

posted on Tuesday, June 14, 2005 12:34 PM by TeunD

# Report failing on server even after adding CAS settings @ Wednesday, October 01, 2008 8:20 AM

Hi!

First of all this is a great tool, and I'm absolutely amazed that Microsoft has not been able to provide us with an out of the box solution for querying sharepoint lists in reporting services. The builtin web services are just way to hard to work with, too many parameters etc...

On to my problem. My report works fine in the report designer but when I deploy it to SharePoint I get an error: "An error has occurred during report processing." Very helpfull...

Going to the log I find more details:
w3wp!processing!5!10/1/2008-13:54:11:: e ERROR: Throwing Microsoft.ReportingServices.ReportProcessing.ReportProcessingException: Query execution failed for data set 'ListExtensionData'., ;
Info: Microsoft.ReportingServices.ReportProcessing.ReportProcessingException: Query execution failed for data set 'ListExtensionData'. ---> System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
at System.Security.CodeAccessPermission.Demand()
at System.Diagnostics.ListenerElementsCollection.GetRuntimeObject()
at System.Diagnostics.TraceInternal.get_Listeners()
at System.Diagnostics.TraceInternal.WriteLine(String message)
at System.Diagnostics.Debug.WriteLine(String message)
at Macaw.ReportingServices.SharepointListExtension.Command.ExecuteReader(CommandBehavior behavior)
at Microsoft.ReportingServices.ReportProcessing.ReportProcessing.RuntimeDataSetNode.RunDataSetQuery()
The action that failed was:
Demand
The type of the first permission that failed was:
System.Security.Permissions.SecurityPermission
The first permission that failed was:
<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Flags="UnmanagedCode"/>

The demand was for:
<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Flags="UnmanagedCode"/>

The granted set of the failing assembly was:
<PermissionSet class="System.Security.PermissionSet"
version="1">
<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Flags="Execution"/>
<IPermission class="System.Security.Permissions.UrlIdentityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Url="file:///C:/Program Files/Microsoft SQL Server/MSSQL.3/Reporting Services/ReportServer/bin/Macaw.ReportingServices.SharepointListExtension.DLL"/>
<IPermission class="System.Security.Permissions.ZoneIdentityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Zone="MyComputer"/>
</PermissionSet>

The assembly or AppDomain that failed was:
Macaw.ReportingServices.SharepointListExtension, Version=1.0.2785.23843, Culture=neutral, PublicKeyToken=null
The method that caused the failure was:
Microsoft.ReportingServices.DataProcessing.IDataReader ExecuteReader(Microsoft.ReportingServices.DataProcessing.CommandBehavior)
The Zone of the assembly that failed was:
MyComputer
The Url of the assembly that failed was:
file:///C:/Program Files/Microsoft SQL Server/MSSQL.3/Reporting Services/ReportServer/bin/Macaw.ReportingServices.SharepointListExtension.DLL
--- End of inner exception stack trace ---


As you can see it fails with a slightly different exception from the one you detail in this post, namely "System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed."

Any ideas what I can do to fix this? I've added the changes to rssrvpolicy.config that you describe...

Olav




Powered by Dot Net Junkies, by Telligent Systems