I have a customer who needs to use Basic Auth with SQL Reporting Services 2005, so I wanted to make sure they could get at Report Builder too.
WARNING: Don’t EVER do this unless you are using SSL with Reporting Services!
If you turn Basic Authentication on for the /ReportServer and /Reports vdirs, then turn Windows Authentication OFF, Reporting Services will pretty much function as usual. When you surf to http://someMachine/reports, IE will prompt you for credentials (Basic), and then you get Report Manager, etc. etc.
However, if you try to browse to http://someMachine/reportserver/reportbuilder/reportbuilder.application to open Report Builder, Report Builder tries to load, but you very quickly get the error: “Cannot Retrieve Application. Authentication Error”.
Thanks to some help from Bob Meyers and Tudor Trufinescu, it became apparent that the web server must allow anonymous access to the /reportserver/reportbuilder folder, or the ClickOnce process on the client cannot download the Report Builder bits. The ClickOnce process cannot prompt for credentials, so it must use Windows credentials, which will never work if the server is set to Basic Authorization…Therefore, a failure.
So, you must use Internet Information manager to grant Anonymous access on the /ReportServer/ReportBuilder folder. Once you do this, we can successfully “grab” the ReportBuilder bits. After we’re actually able to download and launch Report Builder, it will actually prompt the user for credentials.
WARNING, part deux: DO NOT grant Anonymous on the parent /ReportServer vdir..this would be a bad, bad thing.