Direct pass through ASP.Net proxy page?

DaveHighness · ‎11-21-2013

I would like to get my hands on a proxy page that doesn't do the proxy.config token stuff. I want to create my token on the client, append it to any GET or POST requests and then have it go through a proxy page to the ArcGIS Server REST unimpeded and return the response unimpeded. It seems like I should be able to alter the existing ESRI supplied proxy.ashx to make this work but there is a lot of stuff in there that I don't know what it does. Anyone have a creature like I describe and be willing to share?

Yes I will be doing all this over SSL.

Thanks, Dave

DaveHighness · ‎11-22-2013

For sure ignore the code I pasted above, that hoses everything up.

I did figure out a way to get this all working. What I was trying to do was roll my own authenticated service login widget but could never get that working. I created an AGS_ROLES cookie that looks just like the one that the JS API widget produces but I could never get the Dynamic Layer to recognize it and render the layer. I just went with the JS API login widget and that works fine. I didn't realize before that I could grab the token from the Dynamic Layer after it authenticated.

Thanks for bearing with me.

View solution in original post

JohnGravois · ‎11-21-2013

if you want to create your token on the client, what purpose would the proxy serve?

DaveHighness · ‎11-21-2013

There are a couple instances where you need a proxy right? One is if you are trying to use a service from another server, cross-domain. The other is if your GET string grows too big for the REST API to parse. Those aren't really an issue for my app right now but they could be in the future.

Does the ArcGIS Server JS API convert REST requests to POST if they are longer than a certain size? It seems to me that the requests should always be POST. Is there a way to control if they are GET or POST?

I have this thing working without a proxy file now.

JohnGravois · ‎11-21-2013

if either the web server hosting a resource on another domain does not support CORS, or the client browser does not support CORS, a proxy will be required to POST information to the second web server.

our ASP.NET and other proxies are a straightforward implementation to channel those requests 'unimpeded'. they include a configuration file so that you can define a whitelist of servers you would actually forward traffic to so that it is more difficult for someone to hijack your proxy and make requests to an unknown server.

our proxy.config also provide the capability to append tokens to requests for secure resources, but if no token information is supplied for a particular resource, the original request is forwarded as is.

DaveHighness · ‎11-21-2013

I am trying to go without the proxy, the image export isn't working. I create valid token but I am trying to append it to the "/MapService/export" but I haven't figured out how to do that. I thought I could do it in the esri.setRequestPreCallback() but it never ends up in the "export" request. Can you see something wrong with this code? The variable arcToken is set with the token.

esri.setRequestPreCallback(function (ioArgs) {
    if (arcToken != '') {
        if (ioArgs.url.indexOf('?') > -1) {
             var url = ioArgs.url + '&token='+arcToken;
             ioArgs.url = url;
        }
        if (ioArgs.content != {}) { ioArgs.content['token'] = arcToken; }
    }
    if (ioArgs.url.indexOf("GPServer") > -1) {
        ioArgs.preventCache = true;
    } 
    return ioArgs;
});

JohnGravois · ‎11-21-2013

are you saying that technique provided by the code you supplied works when a proxy isn't in place?
why would you ever have to POST your Export Map request?

NicolasGIS · ‎04-23-2017

I do have this will, POST to ExportMap request because of long layerDefinitions parameter.

I created a thread regarding this issue but I can't find the solution:

esri js api post for exportMap

Using the proxy does not help or maybe I missed anything ?

Thanks

DaveHighness · ‎11-21-2013

No, that isn't working. I think I figured out what I need to do, create an authentication token cookie like the one that shows up when you login to an authenticated Map Service from the Rest Services interface. Looks like there are two of them "agstoken" and "AGS_ROLES". I think its the "agstoken" one that I need.

DaveHighness · ‎11-22-2013

For sure ignore the code I pasted above, that hoses everything up.

I did figure out a way to get this all working. What I was trying to do was roll my own authenticated service login widget but could never get that working. I created an AGS_ROLES cookie that looks just like the one that the JS API widget produces but I could never get the Dynamic Layer to recognize it and render the layer. I just went with the JS API login widget and that works fine. I didn't realize before that I could grab the token from the Dynamic Layer after it authenticated.

Thanks for bearing with me.