I've had a fair number of questions from my customers around the use of Forms Authentication in conjunction with Report Builder. The basic thing people want to know is "does it work?".

As a matter of fact, it does. It functions the same way as with Windows Auth except for one behavior: Basically, there is no way to pass the Forms Auth cookie that was generated when a user logged into your application (or Report Manager) along to Report Builder. This is a limitation of ClickOnce applications.

Since we can’t pass the auth cookie to Report Builder, it must deal with the authorization process itself…so the client will pop up a simple logon dialog to your users. Double logon prompts are a bit messy, but I think it’s a fair trade-off in order to be able to use Report Builder with all security mechanisms in SSRS.