I assume you're building a custom front end for reporting services
I don't know what authentication model you're using for the ASP .NET application, I've done something similar in the past and used integrated windows authentication.
It works pretty smoothly, if the user does encounter anything which they don't have access to then they are prompted for a username and password - although if they can see something that they haven't got permission to then your application should handle it more elegantly than that!
To answer your question, if the user is authenticated on the domain then the authentication will be passed onto the report builder when they open that. Just as if they were using the http://[servername]/reports web page to view reports.
If you are using a different authentication model then you will encounter problems.
Have a look
here[
^].
--Amit