Connecting to secure map service within javascript app

DarrylHilton · ‎03-02-2020

Hi

I have read all kinds of help documentation on this subject but can't seem to find the best fit, or get any to work. I have written the javascript app below. The layer being used is secured as I would not want the contents being made available to everyone, except for people who are using the app. They will have already logged in to get this far so I just need the application to handle the logging in to get the map data back. (ie at the moment it asks for an ArcGIS server log in). I can find lots of information about accessing secure applications, but not specific layers within a javascript app...any help would be great.

<html>
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="initial-scale=1, maximum-scale=1, user-scalable=no">
    <title>DH Test Map</title>
    <style>
      html, body, #viewDiv {
        padding: 0;
        margin: 0;
        height: 100%;
        width: 100%;
      }
    </style>

<link rel="stylesheet" href="https://js.arcgis.com/4.14/esri/themes/light/main.css">
<script src="https://js.arcgis.com/4.14/"></script>

<script>
    require([
    "esri/WebMap",
    "esri/views/MapView",
"esri/layers/FeatureLayer",
"esri/core/urlUtils",
"esri/tasks/support/Query",
    ], function(WebMap, MapView, FeatureLayer, urlUtils, Query) {

     var urlObject = urlUtils.urlToObject(document.location.href);
  runValidaty(urlObject);

   var impactedPropertiesLayer = new FeatureLayer({
   url: "https://MYENTERPRISESERVER/server/rest/services/TEST/AffectedPropertiesSecure/MapServer/0",
   definitionExpression:expression,
   popupTemplate: { title: "{UPRN}", content: "{ImpactLevel_ID}"},
  });

  impactedPropertiesLayer.when(function() {
   return impactedPropertiesLayer.queryExtent();
   }).then(function(response) {
   view.goTo(response.extent);
  });

  var webmap = new WebMap({
   portalItem: {
     id: "1a409e5d6939452cbb27fee5f05a2140"
   }
  });

  var view = new MapView({
   container: "viewDiv",
   map: webmap,
   zoom: 6
  });

webmap.add(impactedPropertiesLayer)

var expression;
function runValidaty(UrlPropertiesObj){
expression ="";
Object.keys(UrlPropertiesObj.query).forEach(function(key,index) {

var objectValue = UrlPropertiesObj.query[key];
if(objectValue){
//first time round

if(parseInt(objectValue)){
expression += key + "="+objectValue+"";

}else{
expression += key + "='"+objectValue+"'";
}


var nextObj = Object.keys(UrlPropertiesObj.query)[index+ 1];
  if(UrlPropertiesObj.query[nextObj]){
  //yes there is a property in the next loop
  expression += "AND "
  }
  }

});
}

});
</script>
</head>
<body>
<div id="viewDiv"></div>
</body>
</html>

DarrylHilton · ‎03-03-2020

I got it this working using some of the elements in this documentation: https://support.esri.com/en/technical-article/000017029

In summary, rather than linking people around

I published a secure map service in ArcGIS Server
Hosted that service in Portal using my credentials
Limited use to that hosted service to the url of the ap accessing it
Made the hosted service public
Added the URL of the hosted service to my code

View solution in original post

RobertScheitlin__GISP · ‎03-02-2020

Darryl,

You would setup and use a proxy as discussed in this thread.

https://community.esri.com/thread/236738-layer-is-using-proxy-when-set-to-visible-and-it-shouldnt-us...

DarrylHilton · ‎03-02-2020

Do I need to go down the route of having my own proxy? The agol proxy option only seems relevant for premium services as it asks for me to select geocoding etc, where as this is just viewing a map service.

seems this process could be an awful lot easier

RobertScheitlin__GISP · ‎03-02-2020

Yep, your own proxy if you are going to be storing credentials for your secured service.

BenElan · ‎03-02-2020

This is actually now the preferred method for storing credentials: How To: Limit access to secured hosted services in ArcGIS Online for public-facing web applications

We are trying to move away from the resource proxy. Storing credentials using the resource proxy for the purpose of bypassing authentication is against the Terms & Conditions. There was a little paragraph added to the github page:

Ensure that you follow the Terms & Conditions of the Esri systems and software that you are working with. In general, it is not permitted to embed credentials in a resource proxy for the purpose of bypassing Named User authentication (i.e. the principle that each end-user must have their own unique login). This is true both when using a resource proxy with ArcGIS Online as well as for ArcGIS Server sites federated as part of an ArcGIS Enterprise deployment

DarrylHilton · ‎03-03-2020

Hi, thanks for the reply, but I don't think that is answering my issue. I have a layer published with ArcGIS server (also available via Portal) (currently secured so only I can see it) which I need to use in some javascript I have written (above) not in a web map template from ArcGIS Online which those instructions seem to refer too

DarrylHilton · ‎03-03-2020

I got it this working using some of the elements in this documentation: https://support.esri.com/en/technical-article/000017029

In summary, rather than linking people around

I published a secure map service in ArcGIS Server
Hosted that service in Portal using my credentials
Limited use to that hosted service to the url of the ap accessing it
Made the hosted service public
Added the URL of the hosted service to my code