If you use the esri resources proxy then all the renewal and hiding part is taken care of for you. The issue will be the part of you validating the user.
I am having log-in screen, where user will provide credentials to view the application. I believe, in proxy page, static Username & password has to set in the proxy config file to access the secured services.
<?xml version="1.0" encoding="utf-8" ?>
<ProxyConfig allowedReferers="http://serverName/TokenHtmlPage.html,http://serverName/CBDTMap" mustMatch="false">
<serverUrl url="https://ServerName/arcgis/rest" username="ABC" password="XYZ" tokenServiceUri="https://ServerName/arcgis/admin/generateToken" matchAll="true"/>
<serverUrl url="http://services.arcgisonline.com" matchAll="true"/>
How can i send the user credentials provided in log-in screen to the proxy page?
How proxy page will maintain the token for each request or do i need to send user credentials every-time? I can't send as a querystring with the proxy URL due to security reasons.
Kindly suggest the best way to achieve this.
That is the issue, combining them. My initial idea would be set the proxy up with a static username and password and have your authentication portion redirect to use the proxy if the user is OK, if not then the proxy would not be used.