Hi James, I have encountered this situation in the past and found one way that the problem can be solved is by obtaining the dynamic token at the server and writing it to a Javascript variable in the page which can dynamically be used by appending it to your MapService URL's just like you have in your post. For example; in your main default.aspx.cs page (or similar) you can use a function like the following to get a valid token: protected const string TOKEN_URL_TEMPLATE = @"{0}://{1}/arcgis/tokens?request=gettoken&username={2}&Password={3}&clientid={4}&expiration={5}"; public string UserToken = "INVALID SSO TOKEN OR FAILED LOGIN."; protected string getUserRoleToken(string username) { string s = ""; WebClient client = new WebClient(); ServicePointManager.ServerCertificateValidationCallback += new System.Net.Security.RemoteCertificateValidationCallback(bypassAllCertificateStuff); string tokenRequestUrl = String.Format(TOKEN_URL_TEMPLATE, "https", ESRI_MAP_SERVER, username, "PASSWORD", "", 1440);//1440 is the token lifetime // Add a user agent header in case the // requested URI contains a query. client.Headers.Add("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.0.3705;)"); Stream data = client.OpenRead(tokenRequestUrl); StreamReader reader = new StreamReader(data); s = reader.ReadToEnd(); data.Close(); reader.Close(); UserToken=s; return s; } //This Method is needed to avoid errors when you are using a self-signed certificate private static bool bypassAllCertificateStuff(object sender, X509Certificate cert, X509Chain chain, System.Net.Security.SslPolicyErrors error) { return true; } After generating a token, you can include it in your page: <script type="text/javascript"> djConfig = { parseOnLoad: true, baseUrl:'./', isDebug: false, usePlainJson: true, locale: 'en' }; var userToken = '<% Response.Write(UserToken);%>'; </script> ___________________________________________________ Once you have done the above, you can utilise the userToken JS variable in your map service urls eg: new esri.layers.ArcGISDynamicMapServiceLayer(<my Map Service> + "?token=" + userToken); ################################# With all of that in place you have the beginnings of a framework that can request authentication directly from the web-page user and relay that to the server in a secure/third-party or federated way. I Hope this helps Kind Regards Wayne Lee-Archer Senior Consultant - Professional Services ESRI Australia (ACT).
... View more