Community

Question about token based security

818
2
12-09-2010 09:57 PM
HaroldBostic
by
Occasional Contributor II
‎12-09-2010 09:57 PM
I am testing token based security on my dev server.  I have set up everything correctly but I have two issues that I can't seem to understand.  I have two ArcGIS Server instances running named ArcGIS (no security enabled) and ArcGISSecure with role based security from a full SQL Server

1. The two mapservices that I have caches for, only display in the services directory when I access them through the ArcGISSecure Instance.  These directories have "Everyone" level perms and I assumed that I could access the service using the ArcGIS instance like I do for my dynamic services.  Although I can use the ArcGISSecure instance as a work-around, I would like to understand why the other instance is not accessing the cache anymore (before the secure instance was setup, I was able to view the service in the services directory)

2.A bigger issue that I have is this:
I created a token to use for one feature service that will be used for browser editing.  The token is stored and accessed in my proxy page.  I can access the feature service by using: http://server/esriprox/prox.ashx?http://server/ArcGISSecure/rest/services/DNRECMSD/DNREC_Dynamic_Tes..., or http://server/esriprox/prox.ashx?http://server/ArcGISSecure/rest/services/DNRECMSD/DNREC_Dynamic_Tes... or http://server/esriprox/prox.ashx?http://server/ArcGISSecure/rest/services/DNRECMSD/DNREC_Dynamic_Tes...

This is because in the proxy I have match all = true for the url http://server/ArcGISSecure/rest/services/DNRECMSD/DNREC_Dynamic_Test_Edit_Secure/FeatureServer which is the same url that I used to aquire the token.

When the request is made inside my FlexViewer app firebug tells me it is requesting this:
http://server/esriprox/prox.ashx?http://10.67.4.133/ArcGISSecure/rest/services/DNRECMSD/DNREC_Dynami...
(notice the ?f=json on the end)
and the response I get is that the token is invalid.  Can anybody explain to me why this is the case.

Thanks in advance
0 Kudos
2 Replies
RaviNarayanan
by Esri Contributor
Esri Contributor
‎12-15-2010 10:45 AM
I created a token to use for one feature service that will be used for browser editing.  The token is stored and accessed in my proxy page. 


Please make sure the IP or Referer that is used when obtaining the token is correct.  For more info see sections "Obtaining a Token" and "Using the token in your application" in the following reference:
http://help.arcgis.com/en/webapi/javascript/arcgis/help/jshelp_start.htm#jshelp/ags_security.htm
0 Kudos
HaroldBostic
by
Occasional Contributor II
‎12-16-2010 06:53 PM
1st issue resolved by:
Having a better understanding that both instances are secured, one was secured with windows security and the other with sql server security. Granting the right combination or privs has given me the access I need.


2nd issue resolved by:
1. I removed all entries in the proxy.config file and re-added them. Everything works as expected now, must have been an erroneous character in there somewhere
2. I created a token using the ip address of the proxy server for use in the proxy.config file
3. I re-created the client side token with the referer of the app url


thanks
0 Kudos