Backend access and authenticationToken

1 Answer 180 Views
.NET 5 DataSource WebService Report Designer (standalone)
Raul
Top achievements
Rank 1
Raul asked on 01 Feb 2022, 04:44 PM

Hello,

I'm using the Reporting Tool with an Angular Frontend and have a question how the authentication works.
The report is created with the standalone ReportDesigner and contains one SubReport.

In the frontend the authentication token is assigned:
<tr-viewer 
...
    [authenticationToken]="authenticationToken"
</tr-viewer>

In the Designer a 2-step authentication is configured - only for design purpose.

The desired behaviour is that the authenticationToken assigned in the frontend is used when accessing the backend controller. But the observed behaviour is that the report requests multiple times (3) new tokens by calling the login URL assigned to the 2-step authentication config. 

How can I configure the Report so that no new tokens are requested and the one assigned on the frontend is used (via Bearer xxxx). Nevertheless the Controller Entry-Point for data retrieval for the report dataSource must be protected. And what is the report auth behaviour by design?

1 Answer, 1 is accepted

Sort by
0
Todor
Telerik team
answered on 04 Feb 2022, 03:29 PM

Hi Raul,

If I understood correctly, you are using a WebServiceDataSource and Angular Viewer.

Let me clarify that the authenticationToken assigned in the frontend, i.e. the Angular Report Viewer, is used when accessing the Telerik Reporting REST Service. The ReportsController is authorized and if you provide the authentication token, the viewer will send the token as a header in the requests it makes to the Reporting REST Service.

The WebServiceDataSource authentication is completely independent of the authenticationToken passed from the viewer. It authenticates to the Web Service with the credentials configured in the WebServiceDataSource component. The Reporting engine will utilize these credentials to call the service and fetch the data when processing the report. Note that the request to the Web Service will be sent from the engine that runs in a dedicated thread in the Reporting REST Service and not from the viewer.

If you need to provide the same authentication token that you send from the viewer also to the Web Service, you will have to configure it in the report definition, so that the Reporting engine can use it. This may happen in a custom ReportSource resolver. I suspect that you already use such, as the Web Service URL gets called three times. If so, consider also assigning the DataSource only when the OperationOrigin that is sent as an argument in the Resolve method is GenerateReportDocument. The reason is that the data is not needed in the rest of the calls for resolving the reportSource.

Regards,
Todor
Progress Telerik

Brand new Telerik Reporting course in Virtual Classroom - the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products. Check it out at https://learn.telerik.com/.
Tags
.NET 5 DataSource WebService Report Designer (standalone)
Asked by
Raul
Top achievements
Rank 1
Answers by
Todor
Telerik team
Share this question
or