topic Customise Identity Manager in ArcGIS JavaScript Maps SDK Questions

Customise Identity Manager

ShaunWeston — Mon, 06 May 2013 08:02:06 GMT

Just having a look at the identity manger for securing services - http://help.arcgis.com/en/webapi/javascript/arcgis/jsapi/identitymanager.html

And wondered if anyone has done much customisation around this and how to do it e.g. Change to jQuery popup, changing text that appears in login popup, don't show again checkbox?

Cheers 🙂

Re: Customise Identity Manager

KevinMacLeod1 — Mon, 06 May 2013 13:34:50 GMT

And if it's OK I'll jump on this bandwagon -- anyone using server-side authentication with ESRI secured REST services, via ASP.NET, and have it up as a site we could check out?

So, instead of a second popup for credentials it just uses the ones you already provide if you log in to the standard Windows Forms ASP.NET site (with the Log In on Site.Master and SQL Server database backend functionality). We have API 3.4 with Arc 10.0 Sp5 secured REST service now. We are testing with Identity Manager but it'd be nice to piggyback on the built-in ASP.NET authentication mechanism. I guess in referring to this http://help.arcgis.com/en/webapi/javascript/arcgis/jshelp/ags_secureservices.html it may (does?) involve a proxy page? Haven't played with those, we've attempted to stay away from it until we really need it. If we figure this out we'll post back here, too.

Re: Customise Identity Manager

danbecker — Mon, 06 May 2013 14:28:55 GMT

Just having a look at the identity manger for securing services - http://help.arcgis.com/en/webapi/javascript/arcgis/jsapi/identitymanager.html

And wondered if anyone has done much customisation around this and how to do it e.g. Change to jQuery popup, changing text that appears in login popup, don't show again checkbox?

Cheers 🙂

haven't swapped out the dialog, but I did change the text by adding this to init function.
If you do customize text, make sure and maintain the ${server} and ${resource} params, otherwise the dialog doesn't work.

esri.bundle.identity.info = "If you have not received a login, please contact this person. <br><br>addy@email.com ${server} ${resource}";

Re: Customise Identity Manager

danbecker — Sat, 11 Dec 2021 07:40:18 GMT

And if it's OK I'll jump on this bandwagon -- anyone using server-side authentication with ESRI secured REST services, via ASP.NET, and have it up as a site we could check out?

So, instead of a second popup for credentials it just uses the ones you already provide if you log in to the standard Windows Forms ASP.NET site (with the Log In on Site.Master and SQL Server database backend functionality). We have API 3.4 with Arc 10.0 Sp5 secured REST service now. We are testing with Identity Manager but it'd be nice to piggyback on the built-in ASP.NET authentication mechanism. I guess in referring to this http://help.arcgis.com/en/webapi/javascript/arcgis/jshelp/ags_secureservices.html it may (does?) involve a proxy page? Haven't played with those, we've attempted to stay away from it until we really need it. If we figure this out we'll post back here, too.

In a round-about way we're in the process of doing something similar. Rather then a 100% custom solution, we are still using the built-in esri Token security mechanism. This is all for a one-time login. If the user originates from an "already secured site" they have permission to view the js app. But, we dont' have access to the "already secured site's" auth. mechanism. So, here's how we handle it.

external site--> server out of our control
    user clicks link to js app--> server out of our control
    jquery ajax fires call to .ashx handler--> server out of our control
        server side .ashx handler grabs client IP--> server out of our control
        .ashx handler sends client IP to ourServer.php script via url post--> our server
                -ourServer.php checks ip of incoming call,
                -if from accepted IP, requests a token from the GIS Server using hard-coded creds.
                -stores token, client IP and random gen. key in sql db
                - returns random key to .ashx handler
        .ashx handler returns key to ajax success handler-->server out of our control
    jquery appends key to js app link href attribute-->server out of our control

js app checks for key when the user arrives at site--> our server
    -if a key is found, the proxy.php page query's sql db, and retrieves the previously stored token using the key and client IP
    -if key and client IP match, return token to js app
js app loads token using the same method here: http://help.arcgis.com/en/webapi/javascript/arcgis/jssamples/widget_identitymanager_client_side.html
    -if the token is valid and not expired, the identityManager will handle the credential and not prompt for login

if for some reason the https://oursite/jsLInk?key=aRandomstring is emailed to a dif. user, and they try the link within 60mins (token expiration) of when the orig. user clicked on js app link, it won't work because the proxy.php script on our server wont' retrieve the token from sql db because client2 has a dif. IP as what's associated with the key that client2 is passing