We are in the process of converting to custom security (forms auth) in SSRS and have some questions regarding the SSRS Soap API.
How does SSRS determine which users can invoke ReportingService2010.SetPolicies() method and which ones can't? We only want a limited set of SSRS users to be able to invoke this method.
Does SSRS audit invocation of SOAP calls (i.e. John Smith invoked SetPolicies() with arguments A,B,C)?
thanks
scott