Community
Select to view content in your preferred language

custom java identity store for 10.1

672
5
02-16-2013 05:19 PM
PaulHastings1
by
Deactivated User
‎02-16-2013 05:19 PM
we're trying to integrate an existing, complex authentication system (using passwords, LDAP, google/facebook/etc authentication depending on the user) into arcGIS server. we don't actually need arcGIS manager to manage this as its an existing system w/working management tools in place. we were hoping that we could just implement the validateUser method, is this the case? or do we need to implement more methods?

thanks.
Tags (2)
0 Kudos
5 Replies
RichardWatson
by
Deactivated User
‎02-17-2013 06:40 AM
I have implemented a custom ASP.NET security provider so I can speak to that.

ArcGIS Server Manager exposes a set of functionality related to creating, authenticating, finding, etc. users & groups.  Some of the functionality is absolutely required, e.g. authenticate user, is user a member of a group, etc.  Other pieces are optional, e.g. create user.  I didn't implement creation functionality because I expect that to be done in another system but I did implement all the logic which allows the administrator to find/search users and groups.

I seem to recall that the samples had comments with regards to what was required and what was not but I don't think that they were precisely correct.

Best of luck!
0 Kudos
PaulHastings1
by
Deactivated User
‎02-17-2013 08:21 AM
thanks for that, yes i was kind of working to that conclusion (tried to get away w/just validateUser method but the secured service wouldn't even start). the java example implements everything (except passwords or the server itself is hiding that somewhere else) & the docs aren't very informative (the install bits have nothing to do w/anything, several people read them & understood that arcgis manager was somehow involved--its not, just manually edit a config file).

know its possible is half the battle.

thanks again.
0 Kudos
PaulHastings1
by
Deactivated User
‎02-22-2013 06:40 AM
still struggling w/this.

stupid question time: is securing a service in the root folder a no-no? seems that makes arcGIS server unstable to the point that its crashing IIS default app pool & croaking my other app servers (coldfusion, etc.).

thanks.
0 Kudos
RichardWatson
by
Deactivated User
‎02-22-2013 06:53 AM
I always secure the root folder such that only authenticated users have access.

See attached image.
Preview file
13 KB
0 Kudos
PaulHastings1
by
Deactivated User
‎02-24-2013 07:26 AM
we've had a staging & a dev server (10.1) both start doing tequila shots if we mess w/services in the root.

i don't see anything in the docs but should we be securing folders instead of services?

thanks.
0 Kudos