I'm quite confused on how to get this proxy working.
I've secured one geoprocessing service called Habitat Management. It is located in the HabitatManagement folder, the service is titled HabitatManagement, and it contains a geoprocessing task called HabitatManagement. Essentially, the url for the secured service looks like this:
The actual web mapping application resides inside of a .NET application. The URL of the .NET application is this:
https://www.mydomain.com/appName
The actual web map url is this:
https://www.mydomain.com/appName/HabitatMap/HabitatJSMap
I have my proxy config file set up like so:
<ProxyConfig allowedReferers="https://www.mydomain.com/appName/*"
mustMatch="true"
logFile="proxyLog.txt"
logLevel="Warning">
<serverUrls>
<serverUrl url="https://www.mydomain.com/myServer/rest/services/HabitatManagement/"
username="username"
password="password"
matchAll="true"/>
</serverUrls>
</ProxyConfig>
I have the proxy JS code like this:
urlUtils.addProxyRule({
urlPrefix: "https://www.mydomain.com",
proxyUrl: "https://www.mydomain.com/appName/proxy/proxy.ashx"
});
If I go to the proxy page following this URL:
https://www.mydomain.com/appName/proxy/proxy.ashx
It works as expected, it says "Config File: "OK" Log File: "OK""
When I test this URL, it takes me to the HabitatManagement folder but does not show the services within it, even though the token should be passing the username and password so I can see the services, right? That's issue #1 that I don't understand.
Additionally, when I go the web map and try to access the service, it still makes me login with this message:
Please sign in to access the item on https://www.mydomain.com/myServer (HabitatManagement/HabitatManagement)
If I login, things work fine - it appears the token is generated and appended to the URL as it should be.
If I change the config file serverURL to this (note the extra "HabitatManagement" on the end of the URL):
<serverUrl url="https://www.mydomain.com/myServer/rest/services/HabitatManagement/HabitatManagement"
username="username"
password="password"
matchAll="true"/>
and try this URL, the request fails with "Bad Request" error:
and if I test it in the application it still prompts me to login with the same message as before.
I have also tried to change my serverURL to something very general with no luck. Ideally, the serverURL would be more specific than this as there are some services we have that don't require authentication thus do not need to run through a proxy.
<serverUrl url="https://www.mydomain.com"
username="username"
password="password"
matchAll="true"/>
I'm not sure if my proxy is located in the wrong spot, or if my referrer URL is messed up, or if my serverURLs are messed up. How do I access my secured services using the proxy?
Solved! Go to Solution.
Alright... I have no idea what happened or what I did differently but on the 500th try it started working. If you're searching for proxy answers, read this entire thread because my code changed A LOT between beginning post and this one. The only things I can think of for final changes was that I changed the path to my log file to be accurate in the Web.config file (probably has no bearing on this working). I also changed the other GP service to the have the correct, more general URL (I hadn't earlier because I wasn't testing that service). The last "change" was just republishing my application. Again, no clue what made it start working but something did! Thanks for your help with all of this. Final code:
JS
urlUtils.addProxyRule({
urlPrefix: "https://www.mydomain.com",
proxyUrl: "/appName/proxy/proxy.ashx"
});
proxy.config
<ProxyConfig allowedReferers="https://www.mydomain.com/*"
mustMatch="true"
logFile="proxyLog.txt"
logLevel="Warning">
<serverUrls>
<serverUrl url="https://www.mydomain.com/myServer/rest/services/HabitatManagement/HabitatManagement/GPServer/"
username="username"
password="password"
matchAll="true"/>
<serverUrl url="https://www.mydomain.com/myServer/rest/services/HabitatMonitoring/HabitatData/MapServer"
username="username"
password="password"
matchAll="true" />
<serverUrl url="https://www.mydomain.com/myServer/rest/services/HabitatMonitoring/HabitatClassification/GPServer/"
username="username"
password="password"
matchAll="true" />
</serverUrls>
</ProxyConfig>
Molly,
For testing purposes change your allowedReferers to: allowedReferers="*" I also always define the proxy using esriConfig:
require(["esri/config"], function(esriConfig) {
esriConfig.request.proxyUrl = "/resource-proxy/Java/proxy.jsp";
});
I have since tried setting the allowedRefers to a wildcard but still am having issues.
The documentation states that I should be used the addProxyRule given that I am using a username and password:
Using the proxy | Guide | ArcGIS API for JavaScript 3.26
Note: If you are storing login information (username and password or client_id and client_secret) in the proxy you will want to use the addProxyRule option so that requests to the resources with the specified URL prefix are routed through the proxy.
If I change it to esriConfig.request.proxyUrl would it be equal to this? "/proxy/proxy.ashx"
I am using the .NET installation of the proxy and the folder it sits in I have renamed as "proxy"
Molly,
I use a single proxy for my whole web server so normally my proxy url is not using a relative path, but a full path like:
esriConfig.request.proxyUrl = "https://www.mydomin.com/proxy/proxy.ashx";
Thanks, just tried it, but it didn't do the job (going off the documentation for defaults.io syntax)
esriConfig.defaults.io.proxyUrl = "https://www.mydomain.com/appName/proxy/proxy.ashx"
Molly,
defaults.io is for 3.x I thought you were using 4.x..?
Nope. I had to switch to 3.24 a while back because 4.x didn't have file upload capabilities yet.
OK,
So with the above url to your proxy.. That means that your proxy folder is under (inside of) your apps folder then?
https://www.mydomain.com/appName/proxy/proxy.ashx
Yes - you are correct. The "proxy" folder is located underneath my app folder.
I have tried a new combination of Urls and now I'm getting a little closer... now I can access my services by going direct with the URL without having to login. I can see that it logs me in with the correct user that I have allowed access to the secured service.
This occurs when I use this configuration:
//Set up the proxy to forward requests for data/geoprocessing tools
urlUtils.addProxyRule({
urlPrefix: "https://www.mydomain.com",
proxyUrl: "/proxy/proxy.ashx"
});
<ProxyConfig allowedReferers="https://www.mydomain.com/*"
mustMatch="true"
logFile="proxyLog.txt"
logLevel="Warning">
<serverUrls>
<serverUrl url="https://www.mydomain.com/myServer/rest/services/HabitatManagement/HabitatManagement/GPServer/Habitat..."
username="username"
password="password"
matchAll="true"/>
</serverUrls>
</ProxyConfig>
If I go to my service in the web map, it still wants me to login and gives me an error about the token being required in the POST request header.
{"error":{"code":499,"message":"Token Required","details":[]}}
Molly,
This is because you are providing credentials only when it is going to the GP service url and nothing when it is going to the web map. Add a serverUrl for your web map to the proxy.config. https://www.mydomain.com/appName/HabitatMap/HabitatJSMap