What would be the Best way to seemlessly authenticate?

AlexGole · ‎12-30-2014

Hi all,

I am building a web editing application where I want users with permission to log on as themselves (seemlessly from their desktop would be best) and start editing (In SDE, editor tracking is on). For instance, users that are allowed (ArcGIS Server pool of users) to access my services would launch my web app and it would automatically login. No credentials needed.

1. Let users authenticate using Identity manager (good but credentials needed).

2. Token-based would be even better because it would bypass identity manager but would login using my credentials. (would be great but I want users to use their own credentials. Is it possible?)

3. proxy page with credentials or Token works great for me when I want to Loin seemlessly. (would it requires IIS to be installed on each user's machines and the proxy page set within each IIS?).

Here were the three authentication methods I am aware of and that are not too hard to implement.

Now I am exploring if securing my services with integrated windows authentication might another great approach. cons and pros?

Thank you,

Any tips are welcome

Alex

JakeSkinner · ‎12-31-2014

Hi Alex,

GIS-tier authentication (token authentication) has potential security risks if not configured properly. Take a look at the following KB article for more information.

You would want to implement Web-Tier Authentication. For highest security, web-tier authentication is recommended. Here is a great link that discusses how to secure web services with integrated windows authentication.