Solved! Go to Solution.
hi Russell,
We have enabled Enterprise Login's within our University but are unable to log in via ArcGIS Collector (10.2.7 iOS).
So i feel like this is related to our Shibboleth / LDAP configuration, but i've been unable to find any specifics online or
within geonet. We can access our accounts via Enterprise Logins if we're using a web browser (desktop) but not
from mobile apps or the iOS Safari browser.
Our campus security team is looking into it but any tips you may have would be greatly appreciated.
best regards,
brian culpepper
What error are you seeing with Shibboleth enterprise logins? We have one known issue with Shibboleth logins right now that ends up preventing the credentials being accepted and an error page is displayed.
Russ
Russ,
The message we get says: You have asked to log in to: Unspecified Service Provider
Our enterprise logins work from a desktop web browser, so we only see this error message when
we attempt to log in from the ArcGIS Collector app (iOS 8.0.2). we've not attempted connections
from Android or other iOS versions yet.
Our security team initially thought the issue was related to Collector not redirecting to an https://
url when prompting for our university credentials. Any ideas?
thank you Russ!!
best,
brian culpepper
Brian:
Have you tried Collector 10.2.7? Collector was updated today.
.
Joe,
yes, i just tried again with the updated Collector app; even restarted my iPhone and tested again, but i
still receive the same error.
thanks for the suggestion though! we'll keep at it until we resolve this issue; with some help from our friends
best,
brian culpepper
We discovered our issue with external access by the following tests;
-use internal wifi, not public or cellular network, with iOS devices and laptops to confirm devices can connect on internal network. Login through browser to AGOL org site on both, then try Collector .
-Then use external wifi, public or cellular network, with iOS devices and laptops to confirm devices can connect on external network.
Review any and all possible logs and security settings in reverse proxy, if applicable, and other web servers in configuration. In the end we discovered that access was only working inside and the only way to tell this was to connect the iOS device to the internal wifi which it then worked.
My environment;
Microsoft ADFS
IIS 7
AGS 10.2.2
Good luck
Frank
We currently have a logged issue in for some Shibboleth enterprise logins failing in Collector iOS app. I can update the thread when I have more information on when we will have a fix ready.
Russ
Hi Russ,
I work with Brian Culpepper. my team manages the Shibboleth environment. We're happy to assist in troubleshooting if it will help.
We've noticed some additional error messages referring to SOAP in our application logs. If you'd like more detail, feel free to reach out to me directly.