HTTP 403 whenever I try and log in.

PaulHallett1305 · ‎08-04-2021

Hi,

We have Field Maps installed and registered on Portal. We have it for both iOS and Android. However, none of the iOS uses can log in (the Android users can); the moment they add the portal url, it comes up with a HTTP 403 forbidden error.

This also happens with Workforce too.

ArcGIS Enterprise 10.6.1

I have no idea how this is happenning, outside of a security issue on our Servers that I am unaware of.

HeatherMcCracken · ‎08-04-2021

Hi Paul,

Can you confirm that you can sign into the portal on the same iOS device via the Safari Browser? (or whichever is the default browser on your device)?

Thanks,

Heather

PaulHallett1305 · ‎08-04-2021

Hi Heather,

Yes, I can go to the same URL with Safari.

Thanks

Paul

PaulHallett1305 · ‎08-05-2021

@HeatherMcCracken

Do you think this is a bug or security thing? I just can't even connect to the server through the application and as it is registered, it's hard to see why.

Paul

HeatherMcCracken · ‎08-05-2021

Paul,

My initial gut is that it's more likely to be a security thing - like something in the infrastructure is blocking our app from accessing the portal endpoint. But it's hard to know without getting specifics. Can you reach out to me directly via email (hmccracken@esri.com) and share the details.

Here are some info that'll help

Screen shots of what you are seeing
What is are the details of your Enterprise environment (security type etc).
If you are able to share the portal URL /temp credentials that would be ideal
Is the enterprise on an internal network (does it require VPN)
Is the iOS device managed by an MDM
... anything else that you think might be relevant

We can start there ...and see next steps to understanding.

Heather

Thanks,

Heather

PaulHallett1305 · ‎08-05-2021

Thanks Heather,

I will do. Scheduling doing this from Monday.

Thanks for your help

Paul

PaulHallett1305 · ‎08-10-2021

Hi Heather,

I am going to the application and entering the url to our Enterprise portal as so: https://url_to_portal/arcgis/

I am not even getting to the sign on page.

I can log into the portal via Safari or Chrome on iOS

Probably worth reiterating that the Field Apps for Android loads properly, so it's likely the iOS is doing something it's not supposed to be; for further information, we have WAF setup as a part of the Azure Application Gateway which scans the incoming requests

We use our own phones, so no MDM.

If you want the link and credentials, can you send an email, secure link I can pass them to you, or have I misread your request.

HeatherMcCracken · ‎08-10-2021

Hi Paul,

Based on this - I'd think the place to start is with your IT group, and have them review filters that they may have applied to the WAF which might be blocking the incoming call from Field Maps. They hopefully would be able to see if the call from FM on iOS is being blocked. Different filters may be coming into play b/w iOS vs Android depending on the configuration.

I'm happy to test it out from here to see if I can learn something - but it we're getting a Forbidden message, it really indicates something in the WAF likely. I actually don't even need credentials - if you can just share the portal URL, that should be enough for a first look. I don't see your email (I may just be missing where this is listed?), so feel free to email me directly if you want to share the portal URL. hmccracken@esri.com

Thanks,

Heather

PaulHallett1305 · ‎08-18-2021

Hi Heather,

OK, we just turned WAF off (or put it in observation mode) and the issue still prevails. So it can't be that, unless as Brooks suggests, the port is blocked, but that would be a surprise, given it's a known port.

David_Brooks · ‎08-14-2021

This is a Billy basic question here, but does Field Maps reach through over port :443 or something different? Is the field maps port open on your firewall?

David
..Maps with no limits..