I'm running into an issue when trying to implement custom authentication using client certificates, with the sample forms authentication setup from https://github.com/Microsoft/Reporting-Services/tree/master/CustomSecuritySample as a base. Specifically, I am trying to access CERT_SUBJECT in logon.aspx, but I have tried multiple methods to access it and they all return an empty value:
- Request.ClientCertificate.Subject
- Context.Request.ServerVariables["CERT_SUBJECT"]
- Request.ServerVariables["CERT_SUBJECT"]
I have an IIS server that requires certificates which redirects the reports andreportserver path to the proper SSRS URL (localhost/reports andlocalhost/reportserver) using URL rewrite. I have also configured the rewrite rules to passthrough CERT_SUBJECT, and I can confirm that the server variable being is passed through correctly by forcing the rule to redirect to the raw variable {C:0}, which does indeed display the cert subject in the address bar.
reports/web.config:
<rules><rule name="ReverseProxyInboundRule1" enabled="true" stopProcessing="true"><match url="(.*)" /><action type="Rewrite" url="http://localhost:8080/reports/{R:0}" appendQueryString="true" /><conditions trackAllCaptures="true"><add input="{CERT_SUBJECT}" pattern="(.*)" /></conditions><serverVariables><set name="CERT_SUBJECT" value="{C:0}" /></serverVariables></rule></rules>
reportserver/web.config:
<rules><rule name="ReverseProxyInboundRule1" enabled="true" stopProcessing="true"><match url="(.*)" /><action type="Rewrite" url="http://localhost:8080/reportserver/{R:0}" appendQueryString="true" logRewrittenUrl="false" /><conditions trackAllCaptures="true"><add input="{CERT_SUBJECT}" pattern="(.*)" /></conditions><serverVariables><set name="CERT_SUBJECT" value="{C:0}" /></serverVariables></rule></rules>
So I have limited the problem to something related to SSRS's configuration files or an ASP.net setting I am unaware of. However, I am extremely inexperienced with web servers and ASP.net, so I have no idea where to look next.
I have the basic forms authentication (username/password) working fine by following the sample.
This is similar to the issue found here: https://forums.asp.net/post/6239941.aspx