AuthenticationManager, OAuthAuthorizeHandler and retrys. Feedback requested.

575
4
Jump to solution
04-14-2020 12:48 PM
MikeQuetel1
New Contributor III

Hi,

I'm looking for feedback on some specific behavior with AuthenticationManager and the example implementation of OAuthAuthorizeHandler using the OAuthImplicit type.  The implementation of my OAuthAuthorizeHandler is based almost entirely on this esri sample on github.

Behavior I'm seeing:

I have a webmap stored in ArcGIS enterprise, which is shared with the organization.  The web map contains layers that are shared to the organization and a single feature layer that is private and not shared with any group or user.  This private layer is intentional, so that I can understand the behavior of a user not having permissions to a layer. When a user opens the web map in the app, they are initially challenged (they can click-thru as our portal is federated with ADFS).  The web map loads as expected.  The private feature layer that is not shared then causes another challenge.  Clicking through this causes another challenge and then another.  Looping 6 or 7 times, then an OperationCanceledException is raised.  Basically the same effect as if the user cancels the challenge.  This challenge/loop behavior will repeat for every layer in the web map that a user lacks permissions for.

My questions:

1) Am I understanding this behavior correctly?  The AuthenticationManager will attempt to authenticate 6 or 7 times then cancel?

2) If so, are there any mechanisms available for influencing this behavior? For example, indicating how many retries are allowed before canceling?

Thanks in advance for answering the specific questions above.


Mike

0 Kudos
1 Solution

Accepted Solutions
MichaelBranscomb
Esri Frequent Contributor

Hi,

1) Am I understanding this behavior correctly? The AuthenticationManager will attempt to authenticate 6 or 7 times then cancel?

The AuthenticationManager may retry up to 20 times (that's an internal value). It's not clear why you only saw 6-7 retries, the suggestion from the team was perhaps a task/request timeout. 

2) If so, are there any mechanisms available for influencing this behavior? For example, indicating how many retries are allowed before canceling?

Here is another sample that shows how you might control the retry behavior: arcgis-runtime-samples-dotnet/TokenSecuredChallenge.xaml.cs at master · Esri/arcgis-runtime-samples-....

Thanks

Mike

View solution in original post

4 Replies
MikeQuetel1
New Contributor III

Anyone from esri want to take a run at answering this?  Thanks in advance!

0 Kudos
MichaelBranscomb
Esri Frequent Contributor

Hi,

1) Am I understanding this behavior correctly? The AuthenticationManager will attempt to authenticate 6 or 7 times then cancel?

The AuthenticationManager may retry up to 20 times (that's an internal value). It's not clear why you only saw 6-7 retries, the suggestion from the team was perhaps a task/request timeout. 

2) If so, are there any mechanisms available for influencing this behavior? For example, indicating how many retries are allowed before canceling?

Here is another sample that shows how you might control the retry behavior: arcgis-runtime-samples-dotnet/TokenSecuredChallenge.xaml.cs at master · Esri/arcgis-runtime-samples-....

Thanks

Mike

MikeQuetel1
New Contributor III

Thanks for the feedback and the pointer to another code sample.  I was able to adopt some of those ideas and improve the user experience when access problems are encountered within a web map.  The default behavior of the AuthenticationHandler retrying over and over for each item encountered in the web map isn't very helpful and tends to make people think they are stuck in a loop.

0 Kudos
MichaelBranscomb
Esri Frequent Contributor
...retrying over and over for each item encountered in the web map...

I've opened a new issue in our product backlog to investigate how we can improve this behavior. 

Thanks

Mike