preloader-matrix

Alfasith

what is the difference between Hidden and Internal in Parameter visibility ? in SSRS

Hi,
let me say you Develop a Report which has a parameter as  User!userID.Value (Named as EmployeeID in Reports)  to Filter your Data in the Reports and this is captured when user logs into Report Manager.
Case 1:
If you have this EmployeeID  as Internal you cant change this Value by passing this Value in URL.
Case 2:
If you have this EmployeeID  as Hidden and Deployed it..you can OverRide User!userID.Value by passing this Value in URL Like this ..
http://server/reportserver?/Sales/Northwest/Employee Sales Report&rs:Command=Render&EmployeeID=1234
Employee 1234 can pass 1235 and see his Data which will be security threat.
Hope this Clarifies your Doubt.

Leave a Reply

Your email address will not be published.