Community

Securing an Application Created Using ArcGIS API for JavaScript

1111
2
Jump to solution
01-09-2017 09:39 AM
deleted-user-gqr_hXrLM2-m
by
New Contributor II
‎01-09-2017 09:39 AM

Hello,

I have not been creating Web applications for very long, and I am not very learned on topics involving Web security. With that being said, I have recently designed a Web application using the ArcGIS API for JavaScript for my organization, and have focused mainly on the design of the user interface, as well as the functionality that is made possible through the leveraging of ArcGIS Server and ArcGIS API for JavaScript. As I have been finishing up the design of the application, I have been browsing the Web, and have been seeing some pages that talk about risks that come with not, "securing your application" from hackers. Do any other developers using ArcGIS API for JavaScript actually routinely go through this process when creating applications? Or is it only necessary in certain situations (i.e. when sensitive data is being passed between client and server)? In my case, there really is not any sensitive data that being passed from client-to-server/server-to-client when application is being used. Any direction whatsoever would be greatly appreciated. Thank you.

-Jacob 

0 Kudos
1 Solution

Accepted Solutions
RobertScheitlin__GISP
by MVP Emeritus
MVP Emeritus
‎01-09-2017 09:53 AM

Jacob,

   I have very few apps that are secured using a .Net wrapper and those are only ones that contain sensitive information (like my law enforcement apps). If you do not have sensitive information in your apps then there is no need to go through all the effort or trouble of securing your apps. I am not convinced on the threat of GIS hackers at all. If just access to your app could divulge sensitive info, then having a .Net login wrapper for your app is important. If you just need to prevent malicious data being entered to your Feature Server services then you can just use ArcGIS Servers security to cause the editor to login. Hope this helps a little.

View solution in original post

2 Replies
RobertScheitlin__GISP
by MVP Emeritus
MVP Emeritus
‎01-09-2017 09:53 AM

Jacob,

   I have very few apps that are secured using a .Net wrapper and those are only ones that contain sensitive information (like my law enforcement apps). If you do not have sensitive information in your apps then there is no need to go through all the effort or trouble of securing your apps. I am not convinced on the threat of GIS hackers at all. If just access to your app could divulge sensitive info, then having a .Net login wrapper for your app is important. If you just need to prevent malicious data being entered to your Feature Server services then you can just use ArcGIS Servers security to cause the editor to login. Hope this helps a little.

deleted-user-gqr_hXrLM2-m
by
New Contributor II
‎01-09-2017 09:59 AM

This answered my question. Thanks so much.

0 Kudos