Databases Reference
In-Depth Information
Navigating to the
asmx
file in that directory brings you to the Web service itself:
http://<server_name>/reportserver/reportservice.asmx
.
Chapter 12 covers working with the Web service in depth.
Remember that Report Manager, the report management and viewing tool, is a separate application
from the Report Server. It also has its own virtual directory in IIS, located at:
http://<server_name>/reports
Navigating to that address will bring up the Home page in Report Manager. Anytime you want easy
access to information about virtual directories and IIS in general, trip over to IIS help by pointing your
browser to:
http://<server_name>/iishelp
There's a lot more you can do with URLs and URL addressing. We'll discuss those in depth in the next
chapter. In the meantime, let's cover a critical area for Reporting Services and IIS: securing client com-
munication with the report server.
During installation of Reporting Services, setup provides an option to Use SSL connections when retrieving
data on these virtual directories. For most installations, this option should be selected. While most every
component of the Reporting Services process has layers of security protecting it, the communication
between the client application and the Report Server Web service remains open and vulnerable to attack.
An effective strategy to use against this type of threat is to use SSL.
SSL secures the data during transmission by encrypting it. Although there's a small performance hit, the
benefit is peace of mind. Even if the transmission is snagged and read, the contents remain secure. To
enable SSL on your IIS instance, you install an SSL Certificate.
There are two types of SSL Certificates: Those that are obtained from another authority, and those that
you declare for yourself. Subordinate Certificates are signed by a “trusted' certificate authority. You
purchase the certificate and install it on your web server. Client browsers will recognize the named
certificate authority and display the lock symbol in the status bar.
Declaring yourself as a Root Certificate Authority gives you the ability to create SSL connections without
conferring with a higher authority. It's a simple process to install a certificate this way. The drawback is
that client browsers won't trust your certificate and will display a warning to the user each time they
visit the site — unless extra security settings are made in each client browser. For more on setting up SSL
Certificates, see msdn.microsoft.com.
IIS virtual directories can be created and managed in the Reporting Services Configuration Manager,
which is discussed later in this chapter. In the meantime, let's briefly look at log files and delivery settings.
Log files
During the setup process, the Report Server creates a folder for log files. It's located one level below the
Reporting Services install directory, in the following:
C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\LogFiles
Search WWH ::
Custom Search