1

我有一个 ASP.NET (v2.0) Web 应用程序,它使用对 SQL Server Reporting Services 208 R2 实例的引用(使用 ReportService2010.asmx 服务端点)。Web 应用程序托管在 ServerA 上,而 Reporting Services 实例托管在 ServerB 上。ServerA 正在运行 Windows Server 2003 (IIS6),ServerB 正在运行 Windows Server 2008 R2。

Web 应用程序配置为使用 Windows 身份验证并打开模拟。当我在 ServerA 上本地运行 Web 应用程序(使用远程桌面连接)时,它可以工作,但是当我从桌面计算机(Windows XP)运行时,我收到以下错误:

“/MyWebApp”应用程序中的服务器错误。

请求失败,HTTP 状态为 401:未授权。说明:执行当前 Web 请求期间发生未处理的异常。请查看堆栈跟踪以获取有关错误及其源自代码的位置的更多信息。

异常详细信息:System.Net.WebException:请求失败,HTTP 状态 401:未授权。

源错误:

在执行当前 Web 请求期间生成了未处理的异常。可以使用下面的异常堆栈跟踪来识别有关异常起源和位置的信息。

堆栈跟踪:

[WebException:请求失败,HTTP 状态 401:未授权。] System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage 消息,WebResponse 响应,流 responseStream,Boolean asyncCall)+431289
System.Web.Services.Protocols.SoapHttpClientProtocol。 Invoke(String methodName, Object[] parameters) +204
ReportingServices.ReportingService2010.ListChildren(String ItemPath, Boolean Recursive) +81 Default.LoadReports() +54
Default.Page_Load(Object sender, EventArgs e) +224
System.Web.Util .CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +14
System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +35 System.Web.UI.Control.OnLoad(EventArgs e) +99
System.Web.UI.Control.LoadRecursive() +50
System.Web.UI.Page.ProcessRequestMain(布尔型 includeStagesBeforeAsyncPoint,布尔型 includeStagesAfterAsyncPoint)+627


版本信息:Microsoft .NET Framework 版本:2.0.50727.3634;ASP.NET 版本:2.0.50727.3634

加载报告方法:

private void LoadReports()
{
    ReportingService2010 rService = new ReportingService2010();

    rService.Credentials = System.Net.CredentialCache.DefaultCredentials;
    CatalogItem[] catalogItems;
    catalogItems = rService.ListChildren(ReportPath, true);

    BuildTree(catalogItems);
}

ServerA 上的应用程序事件日志包含以下附加详细信息:

Event Type: Warning
Event Source:   ASP.NET 2.0.50727.0
Event Category: Web Event 
Event ID:   1309
Date:       28/06/2012
Time:       11:25:16
User:       N/A
Computer:   ServerA
Description:
Event code: 3005 
Event message: An unhandled exception has occurred. 
Event time: 28/06/2012 11:25:16 
Event time (UTC): 28/06/2012 10:25:16 
Event ID: 11f6bec3e91045229f4e34a5d2de78e9 
Event sequence: 4 
Event occurrence: 1 
Event detail code: 0 

Application information: 
    Application domain: /LM/W3SVC/1/Root/MyWebApp-1-129853527126453497 
    Trust level: Full 
    Application Virtual Path: /MyWebApp 
    Application Path: c:\inetpub\wwwroot\MyWebApp\ 
    Machine name: ServerA 

Process information: 
    Process ID: 1180 
    Process name: w3wp.exe 
    Account name: NT AUTHORITY\NETWORK SERVICE 

Exception information: 
    Exception type: WebException 
    Exception message: The request failed with HTTP status 401: Unauthorized. 

Request information: 
    Request URL: http://ServerA/MyWebApp/Default.aspx 
    Request path: /MyWebApp/Default.aspx 
    User host address: 192.168.100.130 
    User: DOMAIN\mylogin 
    Is authenticated: True 
    Authentication Type: Negotiate 
    Thread account name: NT AUTHORITY\NETWORK SERVICE 

Thread information: 
    Thread ID: 1 
    Thread account name: NT AUTHORITY\NETWORK SERVICE 
    Is impersonating: False 
    Stack trace:    
   at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
   at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   at ReportingServices.ReportingService2010.ListChildren(String ItemPath, Boolean Recursive)
   at Default.LoadReports()
   at Default.Page_Load(Object sender, EventArgs e)
   at System.Web.Util.CalliHe.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
   at System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e)
   at System.Web.UI.Control.OnLoad(EventArgs e)
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
4

1 回答 1

4

启用身份验证委派

使用 Active Directory 用户和计算机 Microsoft 管理控制台(开始 > 运行 > “dsa.msc”),打开 ServerA 服务器条目的属性。在委派下,选择信任此计算机以委派给任何服务(仅限 Kerberos)

配置 SPN

使用以下命令注册服务主体名称 (SPN):

setspn -S http/ServerB ReportingServicesServiceAccount
setspn -S http/ServerB.domain.com ReportingServicesServiceAccount

ReportingServicesServiceAccount用于在 ServerB 上运行 Reporting Services 服务的服务帐户在哪里。

于 2012-06-28T16:22:10.027 回答