AnsweredAssumed Answered

ArcGIS Online Support for Web Tier Authentication

Question asked by aaronf@gbcma.vic.gov.au on Nov 25, 2015
Latest reply on May 26, 2016 by drewgis

Recently I noticed that that ArcGIS Online Documentation has been updated to include support for ArcGIS Server Services secured with Web Tier Authentication. As per below:

 

ArcGIS Server web services—ArcGIS Online Help | ArcGIS

Secure services

ArcGIS Online supports ArcGIS Server authentication, including web-tier authentication such as Integrated Windows Authentication (IWA) and a public key infrastructure (PKI),  for adding and accessing secure services. ........

The map viewer, Web AppBuilder, and the configurable apps support editing feature services secured with web-tier authentication. To take advantage of this support, administrators must configure trusted servers that allow ArcGIS Online to automatically pass through credentials.

 

This is welcome news however I have not been able to take advantage of this new functionality.

 

Obviously an ArcGIS Server secured with Web Tier Authentication and published to the Internet can have quiet complex configuration.

 

Is any more detailed documentation available other than the what is referenced above?

 

Has anyone had any luck getting ArcGIS Online to accept ArcGIS Server Services secured with Web Tier Authentication working?

 

My Scenario:

 

The ArcGIS Server 10.3.1 Web Adapter (IIS) is secured with SSL, has CORS enabled and is publically accessible while ArcGIS Online Trusted Servers has been configured with the Web Adapters public address.

 

The ArcGIS Server Service is currently actively used in several ArcGIS SharePoint Web Part's accessible externally and works without issue using NTLM Pass Through Authentication when accessed from Internet Explorer on Domain Machines. The environment is working.

 

If adding the ArcGIS Server Service secured with Web Tier Authentication using NTLM the following messages are received:

 

As a Item to My Content:

Error Service '' does not exist or is inaccessible.

 

Directly to a Web Map:

Error, The layer, Service Name, cannot be added to the map.

 

Via the Services View In: ArcGIS Online map viewer option :

The Map Service is added and features are displayed however the following message is displayed:

Editing, Layers -  Feature Service Name - Layer Name

seem to be on an internal network and are not accessible to ArcGIS.com. Thus, editing will be disabled on these layers.

 

Screen Shots Attached

 

Unfortunately, all these messages are very similar or the same as prior to ArcGIS Online supporting Web Tier Authentication.

 

Has anyone had any luck getting this new support for Web Tier Authentication working?

 

Any assistance and or learnings would be greatly appreciated.

 

Aaron

Outcomes