Re: Using forms authentication to control security access to msolap.asp. Is it possible using ASP.NET?

Dave:
IIS Server and Analysis Services are currently in the same machine, and
we don't pretend to change this in near future, at least unless this
authentication problem is resolved.
We are using HTTP access, and only the HTTP port 80 is enabled in our
firewall. The "Pivot Table" component maps to the URL in our IIS server, as
described in the docs you presented to me.
Resuming, our infra seems to be ok.
The problem is that we use Forms Authentication to validate user and
password. Our application has a user database, and the internet portal can
be used to add/ edit users, and to change their roles in the system. We
can't leave the URL of MSOLAP open to the world, as I told before, because
this is a big security issue.
It seems to me that MSOLAP.ASP + MSMDPUMP.DLL page are only a "bridge"
between Analysis Services and the "Pivot Table" component present in some
ASP.NET (or HTML) page. I've successfully change MSOLAP.ASP page to log all
Server Variables, Cookies and Session attributes into a file. But that what
is really usefull to me (Session) is unavailable, probally because it's
provided by an ASP.NET application.

So, my two questions are:
1. Is there some trick to enable Forms Authentication in MSOLAP.ASP? (my
guess is No based on your post...)
2. Is there some port of MSOLAP.ASP to ASP.NET? I've tryed one, but
everytime I call the MSMDPUMP method I receive a COMException... I'll keep
trying.

Well, this is it.

"Dave Wickert [MSFT]" <dwickert@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:ess%23o0rcFHA.1288@xxxxxxxxxxxxxxxxxxxxxxx
> Analysis Services only supports NT authentication. Ultimately everything
> has to get back to an NT account. See the section titled "Security
> Administration" in the AS Operations Guide
> http://www.microsoft.com/technet/prodtechnol/sql/2000/maintain/anservog.mspx
> and additional information in the Improved Web Connectivity white paper
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsql2k/html/sql_datapump.asp
>
> What kind of connectivity do you have between the IIS server (where your
> ASP.NET app is running) and the Analysis server? Are they on the same
> machine? Or different machines in same domain? Or different machines with
> a firewall between them?
>
> What kind of access are you using between your ASP.NET app and Analysis
> Services? TCP/IP or http access? If using TCP/IP then your server name in
> the connectstring is the machine name for the Analysis server -- if using
> http access then your server name in the connectstring is:
> http://<machinename>/<virtual_directory_for_where_msolap_dot_asp_lives>
>
> What that I could provide some guidance around what your options are.
> --
> Dave Wickert [MSFT]
> dwickert@xxxxxxxxxxxxxxxxxxxx
> Program Manager
> BI SystemsTeam
> SQL BI Product Unit (Analysis Services)
> --
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
>
> "Ravi Ambros Wallau" <nospam@xxxxxxxxxx> wrote in message
> news:%23UxihJrcFHA.2688@xxxxxxxxxxxxxxxxxxxxxxx
>> Hi:
>> My organization has developed a portal made in ASP.NET (C#). This
>> portal is open for Internet, and we decide to use Forms Authentication to
>> validate user and password. This authentication doesn't seems to be valid
>> (or not) when using MSOLAP.ASP. It's a big security risk for me leave the
>> MSOLAP.ASP page open "to the world", and it's really boring to the user
>> tip a logon information again, and also the extra effort to keep a second
>> user database (in Windows or in another place) is tedious, error prone
>> and inneficient.
>> Is there some way that force MSOLAP.ASP to use Forms Authenticatiom?
>> Debugging this ASP page, I have some suspicious that cookies and another
>> informations are sent with MSOLAP request, better saying, some browser
>> informations are sent within ActiveX request.
>> But I really can't find any usefull to validate the user. Session is
>> unavaiable for me, I believe that the reason is that my application is
>> developed is ASP.NET.
>> Is there some port of MSOLAP.ASP for .Net platform? Is it possible to
>> use Forms Authentication? Did anyone had the same problem?
>>
>> Thanks,
>> Ravi.
>>
>
>


.