The database user and password entered in Settings may be overridden by including a different user name and password in the web request. The change is in effect only during that specific web request. No changes are made to the .rpt files or the permanent settings.
The database username and password may be passed in as plain text using
dbUser=
and
dbPw=
for example,
ViewReport.aspx?reportName=catalog.rpt&dbUser=sa&dbPw=secret
where the user account “sa” will log in to the database using the password “secret”.
For sensitive data, the database username and password may be passed in as encrypted values using
dbUser-3DES=
and
dbPw-3DES=
for example,
ViewReport.aspx?reportName=catalog.rpt&dbUser-3DES=m0%2fTaSpWg78%3d&dbPw-3DES=v0AQ4VKvliE%3d
The encrypted strings in this example correspond to the user “sa” and password “secret”.
An encryption tool is available to create the encrypted strings at
http://yourserver/ReCrystallizeServer/EncryptTool.aspx
Similarly, AES encrypted values maybe be provided using
dbUser-AES=
and
dbPw-AES=
Post your comment on this topic.