Once we have configured SSRS to use Custom (Forms) authentication by deploying a custom security extension as described here, we can logon to MS Report Manager (MSRM) using credentials of our custom security framework via a logon web page.
However once you logon you will see that there is no way to logout or to expire the authentication cookie and to do so you need to close the browser. This problem is more pronounced for the “Verification Engineers” since they have to do so n number of times to test n authentication and authorization scenarios. Also it will be a pain for the end users too since they will surely struggle to find a way to logout.
To fix this we can cook a small hack using jQuery and trusty html/css by manipulating the top right hand breadcrumb of MS Report Manager(MSRM) web pages, which looks like this :
Step1 :
If we carefully inspect the html of MSRM, the name of this breadcrumb is msrs-topBreadcrumb. Using some jQuery we can identify this element and append the logout href at the end of its last child. Once you do this on every page, the pages should look something like below:
——————————————————————————————————————–
<%@ Register TagPrefix=”MSRS” Namespace=”Microsoft.ReportingServices.UI” Assembly=”ReportingServicesWebUserInterface” %>
<%@ Page language=”c#” Codebehind=”CacheRefreshProperties.aspx.cs” Inherits=”Microsoft.ReportingServices.UI.CacheRefreshPropertiesPage” EnableEventValidation=”false” %>
<html>
<head>
<title></title>
<script type=”text/Javascript” src=”jquery-1.7.1.min.js” > </script>
<script type=”text/Javascript” >
$(function() {
var a = $(‘.msrs-topBreadcrumb’);
var d = ‘<span style=”margin-left:2px;”>| <a href=”/Reportserver/logon.aspx?Logout=1″>Logout</a> </span>’;
$(d).appendTo(a.find(‘a’).last().parent());
});
</script>
</head>
</html>
——————————————————————————————————————–
Step 2:
Add the “jquery-1.7.1.min.js” file in “C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportManager\Pages”
We can download the jQuery file from internet.
Step 3:
Add the code to expire the authentication cookie on the logon.aspx page.
Note : Check the name of authcoooki from web.config which in our case is “sqlAuthCookie”
and that’s it, now the breadcrumb will look like below and clicking on “Logout” will logout the user:
Can something like this be done for SSRS 2016?
Any update for SSRS 2016?