AnsweredAssumed Answered

How to create a security on one page and use that security on another

Question asked by vandervoort on Jul 28, 2015

We we all know, if you have a web map app that consumes secure services, when you navigate to that page the IdentityManager will provide a login dijit which creates a security.


I have a web page named MyWebAppWithSecureServices.html that meets that criteria.


I want my users to log in from another html page (MyLoginPage.html) and use that security to do a window.location.replace("MyWebAppWithSecureServices.html");


I want to do this without having to do any magic with a token, like appending it to the URL of a service REST endpoint.


I know I need to use "esri/Credential", "esri/IdentityManager", "esri/ServerInfo" to accomplish my goal. I'm having no success. Can you help me wrap my head around this please?




In the code below esriId is an instance of "esri/IdentityManager"


          function tryCreateCredentialsAndRedirectToAppWithSecureServices() {
            var userId = dojo.byId("username").value;
            var password = dojo.byId("password").value;

            var serverInfo = new ServerInfo();
            serverInfo.server = "";
            serverInfo.tokenServiceUrl = "";

            esriId.generateToken(serverInfo, {
                username: userId,
                password: password
            }).then(function(response) {
              // got our response from the token dispenser, now register it with the identify manager
              var tokenRegistrationObject = {
                expires: response.expires,
                server: serverInfo.server,
                ssl: false,
                token: response.token,
                userId: userId

              var myCred = esriId.findCredential( "", userId);

              var idObject = {};  
              idObject.serverInfos = serverInfo;  
              var credentials = {};  
              credentials.userId = userId;  
              credentials.server = "";
              credentials.token = response.token;  
              credentials.expires = response.expires;  
              credentials.ssl = false;  
              credentials.scope = "server";  
              credentials.validity = response.validity;  
              credentials.creationTime = myCred.creationTime;  
              idObject.credentials = [credentials];  
     = response.validity;;