Jon Jon - 3 months ago 30
ASP.NET (C#) Question

Why do I get a 500 when trying to download an SSRS report using URL access?

I have a report that seems to work fine, but when trying to download it in my asp.net MVC application, I get a 500. I am simply trying to download a pdf version of it using URL access. To do this I do the following:

WebClient client = new WebClient();
NetworkCredential nwc = new NetworkCredential(ConfigurationManager.AppSettings["SSRSUserName"], ConfigurationManager.AppSettings["SSRSPassword"]);
client.Credentials = nwc;
string paramList = "&OrderId=" + orderId;

string reportURL = ConfigurationManager.AppSettings["SSRSBaseUrl"] +
ConfigurationManager.AppSettings["SSRSReport"] +
"&rs:Command=Render&rs:Format=PDF" +
paramList;
try
{
byte[] reportBytes = client.DownloadData(reportURL);
}


To verify that my report works fine, I took the resulting reportURL string, threw it in a browser, and sure enough my report downloaded perfectly.

Does anybody know why I would get a 500 in my application, but the pdf would download perfectly fine outside of my application with the same URL? Is their some configuration that I am missing?

The server version is SQL Server 2016

Answer

To summarize the discussion and solution, using default credentials by setting the property UseDefaultCredentials = true for the WebClient resolved the generic 500 internal server error.

Since your installation is post SQL Server 2008, authentication requests are handled internally by the Reporting Services instance.

In previous versions of Reporting Services, all authentication support was provided by IIS. Starting with the SQL Server 2008 release, IIS is no longer used. Reporting Services handles all authentication requests internally.

By default, the Reports Server uses authentication methods that rely on Windows Integrated authentication: Negotiate and NTLM as mentioned in Authentication with the Report Server.

Since the Reports Server in this case is using one or all of the following authentication methods: Negotiate, NTLM and Kerberos and this is not an ASP.NET application, default credentials need to be used as explained in DefaultCredentials:

The DefaultCredentials property applies only to NTLM, negotiate, and Kerberos-based authentication.

DefaultCredentials represents the system credentials for the current security context in which the application is running. For a client-side application, these are usually the Windows credentials (user name, password, and domain) of the user running the application. For ASP.NET applications, the default credentials are the user credentials of the logged-in user, or the user being impersonated.

This is why you could access the Report Viewer via the URL in your browser but not in your application.