This is my first post, request you to please help....

BackGround:

The requirements for my project demanded SSRS 2005 to be configured to use custom security extension instead of its default windows authentication. I customized the FormsAuthentication sample that is installed with SQL Server 2005, to make this working. Therefore, in the present state of my SSRS, a login page is open whenever a user reaches Report Server or Report Manager url. The Report Server/Manager open only when correct credentials are entered and submitted by the user.

Now I will tell you something about the project.
The project is to create Reporting module for a CRM product created on ASP.NET. Therefore only the users of the CRM can have access to report server/manager/reports. This explain why I have configured custom security. The basic objective is to achieve SSO from the CRM website.
I am able to achieve SSO when both CRM and SSRS are on the same machine.

Problematic Scenario:

Now I will explain the part where I am facing difficulties and request your help.

Performing SSO into Report Server demands calling LogonUser() method of SSRS web-service (SSRS-WS) by passing the authentication credentials to it. This makes SSRS-WS run a code snippet that has been provided by me for authenticating users. Once the authentication outcome is success, SSRS web-service returns a FormsAuthentication cookie to the client. All the future access to SSRS have to accompany this cookie for the resource to open. Therefore the SSO into Report Server gets performed if LogonUser has been successfully called.
I am facing no problems when both SSRS and CRM web site are on the same machine, because the cookie that is sent in the HTTP request is on the same domain (Troubleshooting reveals it to be the name of computer) and is understood by SSRS.
However, the deployment demands SSRS to be on a separate box and all reporting functionality inside the CRM website to be implemented by calling SSRS webservice in remote location. Both these boxes will be different computers on the Microsoft Windows LAN network.
This essentially demands me to first call the LogonUser() method of the remote Web-Service to receive the cookie. Then I can perform a redirect to Report Server at remote location from the CRM page.

At present I am able to call the web-service method successfully, but the CRM web-site is unable to decrypt the data inside the cookie being received. The Domain of the cookie is also null.


HELP REQUEST:
I believe, solving this problem demands me to transfer the cookie from SSRS box to CRM box and then again pass the cookie back to SSRS box when a redirect is made to Report Server.

Please tell me how do i achieve this decryption/transfer of the FormsAuthentication cookie. I tried using the FormsAuthentication methods to achieve this, but am revealed it can not be used. This is because the place for the destination page (CRM) has already been taken by Report Manager page in SSRS.

Hope was able to explain my problem concisely. Would appreciate your help on achieving this and will await a reply.


thanks in advance,

Karan Tandon