Impersonate in Reporting Services ASP.NET Web Clients

This issue comes up quite often with users who are building client Web applications that use the Reporting Services Web service. When you develop ASP.NET client applications that generate a Web service proxy, you can authenticate the current user to the Web service in your code. However, in ASP.NET, impersonation is turned off by default. This means that when you run your client application using integrated security, regardless of the current user, your client accesses the report server using the ASPNET account (for example NT AUTHORITY\NETWORK SERVICE under Windows 2003). This is not a very privileged user in Reporting Services (for good reason). You will need to enable impersonation in your Web application. The easiest way to do this is to modify the Web.config file for your client app. Simply add the following line within the <system.web> configuration element:


<identity impersonate="true" />