Windows auth - arcgis server access is left open?

352
1
12-28-2017 02:34 AM
DuarteCarreira
Occasional Contributor II

I'm looking at security models in Portal + Server. I'm interested in keeping my server with integrated windows authentication (IWA).

Instructions say to disable server webadaptor security before joining the portal:

Use Integrated Windows Authentication with your portal—Portal for ArcGIS (10.5.x) | ArcGIS Enterpris... 

My question is: in the end will access be open (anonymous) to server rest api endpoints?

Thanks.

0 Kudos
1 Reply
DuarteCarreira
Occasional Contributor II

So, it seems federated Server security is handled by Portal. So no, rest end points shouldn't be public. Should be protected by portal's security, IWA or otherwise.

Couldn't find any reference to server REST api endpoints changing, other than the tokens url, which changes to portal.

I figure public js api web apps to keep having access must use "the" proxy with included credentials.

This bread and butter kind of stuff is really not clear or easy to find. I can get more info on high availability scenarios than on simpler things.

Maybe it's  just me, but I find docs very confusing, spread over many, many seemingly unrelated pages. I still can't figure a simple, to the point, conclusion of how IWA/security works... I can get a step-by-step to configure it but can't get a good picture of what it causes...

So on to testing in a vm the whole thing... hours and hours of fun await.