How to use a non-publically accessible Map Service in a Public Facing App

Paul_Postiglione · ‎01-07-2021

Hi, looking for options on how to make a map service available to view through a publically accessible web app, but not have the data available to the public. It needs to be a map service with the query option available so tiles or basemaps will not work unfortunately. The app is a custom WAB map. I'm just looking for a way that people cannot access the rest end point, but the app has access to it.

VinceAngelo · ‎01-08-2021

The REST endpoint provides all the data. Any client which can emulate the client app's request protocol can get that data. You could harden the endpoint in front of the Web Adaptor's servlet engine, but it might not take a lot to engineer around that (especially if a concerted effort was made), and there might be a significant performance cost.

If you want to protect the back-end database, you might stage a publishing database (or FGDB folder), which is effectively read-only, in the DMZ to prevent the risk of tampering.

I'm afraid this might be a "Doctor, doctor, it hurts when I do this!"/"Don't do that." situation

- V

JamesBushOpelika · ‎01-13-2021

Where do I turn assessability on/off for REST endpoints to be viewable to the outside? Is it possible to do so with one service? In the ArcGIS server admin.

James Bush
jabush@opelika-al.gov