Putting a login screen onto sample flex viewer?

grahamcooke · ‎05-04-2010

Has anyone successfully put a login system "in front" of the sample flex viewer? Can this be done using states in flex? If anyone can help me out I'd be most grateful!!

CarmenDurham · ‎05-14-2010

This is exactly what we did with our Flex App - used .net "wrapper" with a login page and asp.net database for users and roles. I copied what is normally in the index.html from FlexViewer into an .aspx that the login page redirects to.

Then to totally secure the entire directory (so a person couldn't access any .swfs directly), I applied the "Wild Card Mapping" as cgishack mentioned above. We also use a mix of secured and non-secured Map Services. Seems to work well.

Carmen

seanlo · ‎05-20-2010

ctalleygreenville,

When you say you use secured map services for the flex app.. do you mean the sample flex viewer or your own flex app?

I have not been able to figure out how to use secured services for the SFV since i've been tackling it. I have already created my own flex app to handle secured services/multi-tiered users, but the SFV = no go for me when it comes to security.. please do share with us how you did it. 🙂

Sean

seanlo · ‎06-14-2010

Yarrr. I finally got that secured service to work with the sample flex viewer. Too late to implement it for the current project though.. ah well, cest la vie.

At least i'll be able to do it easily for the next few projects. =D

CarmenDurham · ‎06-15-2010

Sean,
Sorry for the delayed reply. Since the forums don't seem to email me anymore when there are replies, I don't think to look all the time.

I am using both secured and non-secured services within the Sample Flex Viewer. Although, we have customized the original download quite a bit. But that SFV code was our base.

In the LiveLayerWidget.xml for that layer, here is a sample of what should be in the Layer tag (we are using https, you may not be):
<layer>https://yourserver/ArcGIS/rest/services/yourSecuredServicesFolderName/yourSecureServiceName/MapServe...</layer>
(where 0 is the layer ID we are using. Substitute whatever the ID is for your secure layer)

If you are editing the SFV in FlexBuilder on your PC and testing there, then you have to request a token using the IP address of your PC (vs. web app url).

Once you copy the app to the actual server, then you must replace the token in the .xml with a new one. You will have to request the token using the WebApplication URL which must be the server and app name. When I requested the token, I had to use:
https://myservername/myAppName

I think getting the token right depending on where I was working was the most confusing at the time.

Hope this helps.

Carmen

ctalleygreenville,

When you say you use secured map services for the flex app.. do you mean the sample flex viewer or your own flex app?

I have not been able to figure out how to use secured services for the SFV since i've been tackling it. I have already created my own flex app to handle secured services/multi-tiered users, but the SFV = no go for me when it comes to security.. please do share with us how you did it. 🙂

Sean

seanlo · ‎06-16-2010

Hey Carmen,

When you say: "Once you copy the app to the actual server, then you must replace the token in the .xml with a new one."
Are you doing a long lived token? Just out of curiosity. 🙂

I have successfully tried the following methods in the SFV:

1) HTTPservice the token url, login, and obtain a short lived token. Use that token to access services.

Or

2) Login to the rest admin via HTTPservice. This grants my application access to the rest services.

CarmenDurham · ‎06-17-2010

Sean,

You have succeeded in doing what I was TRYING to do a while back but never succeeded - which is your 1st scenario above. I wanted to get a short lived token on the fly. I was using HttpService within a LivelayerWidget's .mxml . My url in the code for the request works fine when I copy and paste into IE. It returns a token. I could then hard code the returned token in the .xml and it would work. But running it through the code, would not work. The url is of this format:
https://myservername/arcgis/tokens?request=gettoken&username=myuname&password=mypwd&clientid=ip.999....

I keep getting this error or similar: [RPC Fault faultString="HTTP request error" faultCode="Server.Error.Request" faultDetail="Error: [IOErrorEvent type="ioError" bubbles=false cancelable=false eventPhase=2 text="Error #2032"].

I had to put the "request token on fly" on hold in order to just get the project working and have not gotten back to it.

So, I am just hardcoding a longlived token into the .xml for now. Since we are using https for the application, I am *hoping* that is keeping the token from being transmitted as clear text.

If you have any advice, pass it along.

seanlo · ‎06-17-2010

When you say the short lived token doesn't work, are you referring to the SFV or your own application?

If you are referring to the SFV, there are certain events which must only fire AFTER the http token is obtained. All my modifications are done in Mapmanager.mxml.

CarmenDurham · ‎06-23-2010

Ohhhh. I will take a look at working with MapManager vs. the widget. This app is using the SFV code.
Thanks for the tip.

Carmen

When you say the short lived token doesn't work, are you referring to the SFV or your own application?

If you are referring to the SFV, there are certain events which must only fire AFTER the http token is obtained. All my modifications are done in Mapmanager.mxml.

seanlo · ‎06-23-2010

Well here's my code from mapmanager.mxml.

   //config
      private function config(event:AppEvent):void
      {
       configData = event.data as ConfigData;

      }
   //init
   private function init():void
   {
    SiteContainer.addEventListener(AppEvent.CONFIG_LOADED, config);

//sean's mod

          var LoginInstance:LoginMainApp=new LoginMainApp(this.width,this.height,TokenUrl,ClientId,MapLayerLocation,RestLogin,ExpirationToken);
          LoginInstance.addEventListener(Event.COMPLETE, SecurityInit);
          //apparently PopUpManager can only be called through flex. =(
    PopUpManager.addPopUp(LoginInstance.LoginPop,this,true);
    PopUpManager.centerPopUp(LoginInstance.LoginPop);
    //LoginInstance.SetLoginPositions();

    //Alert.show("Starting");
//sean's mod
   }

Where LoginInstance is my custom actionscript login file that i wrote. Once it completes verification with the rest service, it returns a custom event Event.COMPLETE back to SecurityInit.
Here is SecurityInit()

   private function SecurityInit(e:Event):void
   {
   //sean try mod

    Alert.show("Starting");
    SiteContainer.addEventListener(AppEvent.SET_MAP_NAVIGATION, changeNavigationbyMenu);
                SiteContainer.addEventListener(AppEvent.BASEMAP_MENU_CLICKED, basemapMenuClicked);
    //SiteContainer.addEventListener(AppEvent.SET_MAP_NAVIGATION, changeNavigationbyWidget);
    SiteContainer.addEventListener(AppEvent.SET_MAP_ACTION, enableMapAction);
    SiteContainer.addEventListener(AppEvent.SHOW_INFOWINDOW, widgetShowInfo);
   //sean try mod
       map = new Map();
       map.id = "map";
       map.zoomSliderVisible = false;
       map.addEventListener(MapEvent.LOAD, mapLoadComplete);
       this.addChild(map);
          SiteContainer.dispatchEvent(new AppEvent(AppEvent.MAP_LOADED, false, false, map));

and so on.....

The key changes for this code are the SiteContainer.addEventListener. They must be taken FROM the original init, and placed to fire AFTER verification has been done successfully.

Let me know if you need more code. ^_^

GiosiaPoma · ‎07-07-2010

Hi Seanlo,
I'm trying to do what you have done. I've opened this thread thread.

This works with Default user and role storage system in arcgis server (in my case is java version).

I don't understand if you retrive the token on the fly and you insert the token in the services.

Now my problem is when I switch to Default storage to Active Directory storage, my token generation is ok but when I put the token in the services nothing returns...

What does the LoginMainApp class?

What's your arcgis server version? Java or .net?

thank for the answer,