I ran into an odd behavior the other day with SSRS 2008.  I was troubleshooting a Reporting Services 2008 issue where the authentication was not properly configured, so the customer would get three login prompts and then a blank screen.

Now, anyone who has been supporting SSRS for any period of time is familiar with the three-and-out behavior that is seen when authentication is failing.  However, this generally results in a nice 401 error being returned by IIS.

And that is the rub!  Prior to SSRS 2008, Reporting Services sat on top of IIS.  However, SSRS 2008 natively hosts HTTP.SYS.  The good news is that removing the dependency on IIS means that ISAPI filters and inherited web.config values can no longer break Reporting Services.  The bad news is that you don’t get all of the IIS functionality for free!

In the case of a 401, you were totally rejected by SSRS.  In its current implementation, SSRS does not return a 401 on an authentication failure.  It just returns blank HTML.  Now, I would argue that SSRS should return something more informative to the browser, but at this point it does not.

So, the recommendation I would give is to start thinking authentication issues if you ever see an empty HTML page returned by SSRS.


P.S.  There is a two line reference to this behavior in http://msdn.microsoft.com/en-us/library/cc281253.aspx, but you’ll forgive me if I overlooked it until the other day.