Security rules violation exception when running subscriptions with SSRS Custom Authentication

Question

Security rules violation exception when running subscriptions with SSRS Custom Authentication

SAi 10

I have implemented SSRS Custom Authentication using Microsoft.Samples.ReportingServices.CustomSecurity.

Everything works correctly in SQL Server 2022 ReportServer- except for subscriptions.

When I add new subscriptions and executed it, I get the following error:

ERROR: Exception caught instantiating Forms report server extension: System.TypeLoadException: 

Inheritance security rules violated while overriding member: 
'Test.RSecurity.Authorization.CreateSecurityDescriptor(Microsoft.ReportingServices.Interfaces.AceCollection, 
 Microsoft.ReportingServices.Interfaces.SecurityItemType, System.String ByRef)'.

Security accessibility of the overriding method must match the security accessibility of the method being overriden.

   at System.Reflection.RuntimeAssembly.GetType(RuntimeAssembly assembly, String name, Boolean throwOnError, Boolean ignoreCase, ObjectHandleOnStack type)
   at System.Reflection.RuntimeAssembly.GetType(String name, Boolean throwOnError, Boolean ignoreCase)
   at System.Reflection.Assembly.CreateInstance(String typeName, Boolean ignoreCase, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   at Microsoft.ReportingServices.Diagnostics.ExtensionClassFactory.<>c__DisplayClass15_0.<CreateExtensionObject>b__0()
   at Microsoft.ReportingServices.Diagnostics.RevertImpersonationContext.<>c__DisplayClass1_0.<Run>b__0(Object state)
   at System.Security.SecurityContext.runTryCode(Object userData)
   at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode code, CleanupCode backoutCode, Object userData)
   at System.Security.SecurityContext.Run(SecurityContext securityContext, ContextCallback callback, Object state)
   at Microsoft.ReportingServices.Diagnostics.RevertImpersonationContext.Run(ContextBody callback)
   at Microsoft.ReportingServices.Diagnostics.ExtensionClassFactory.CreateExtensionObject(Extension extConfig, Boolean typeOnly)

library!WindowsService_0!2538!06/05/2025-14:15:28:: e ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: 
Could not load Authorization extension, 
Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: The report server has encountered a configuration error.

Note: The custom assembly has `PermissionSetName="FullTrust"`.

What I’ve tried:

Adding the following attribute in the assembly:

[assembly: SecurityRules(SecurityRuleSet.Level1)] 

Also tried marking the method with:

[SecurityCritical]

Despite these, the subscription execution still fails.

Question: Is there any additional security configuration required to allow custom authentication assemblies to work with subscriptions in SSRS 2022?

Am I missing a key attribute or configuration for CreateSecurityDescriptor to pass CLR security checks?

0 comments

1 answer

Your answer

Answer 1

Deepesh Dhake 80

It looks like issue is not a configuration problem but it is an access modifier mismatch in your CreateSecurityDescriptor method.

Why it might be happening:

Regular report execution runs in user context - CLR security checks are relaxed
Subscription execution runs unattended - CLR performs strict security validation
If your overridden method has different access level than the base interface eg: protected instead of public

You can try following fix:

Verify all methods are public
Try deleting these lines, it looks like they are conflicting with your override signatures [SecurityCritical] [assembly: SecurityRules(SecurityRuleSet.Level1)]
Recompile and redeploy
Verify

Akhil Gajavelly 1,825 Reputation points Microsoft External Staff Moderator

2026-05-27T05:16:24.9933333+00:00

Hi @SAi ,

Thanks for sharing the additional details.

The guidance provided by the @Deepesh Dhake is aligned with the behavior typically seen during subscription execution in SSRS 2022, where CLR security validation is stricter than interactive report execution.

In particular, please verify that the overridden CreateSecurityDescriptor method exactly matches the base method signature and accessibility level (public) from the SSRS interface implementation. Even a small mismatch in accessibility or security attributes can trigger the Inheritance security rules violated exception during unattended subscription processing.

Also, after removing the additional security attributes and recompiling the assembly, make sure the updated DLL is redeployed to all required SSRS locations and the Report Server service is restarted before testing again.

Hope this helps, and thanks to the @Deepesh Dhake for the detailed guidance.

Thanks,
Akhil
Akhil Gajavelly 1,825 Reputation points Microsoft External Staff Moderator

2026-06-04T04:39:59.9133333+00:00

Hi @SAi ,

Thanks to @Deepesh Dhake for the detailed explanation. The guidance provided covers the most likely cause of this behavior in SSRS 2022, particularly around custom security extensions and CLR validation during subscription execution. Hopefully this helps anyone encountering a similar issue.

Thanks,
Akhil.

Share via

Security rules violation exception when running subscriptions with SSRS Custom Authentication

1 answer

Your answer