AnsweredAssumed Answered

Application-level Authentication - Proxy is being used for an unsupported service

Question asked by csgeosol1 Champion on Jan 11, 2016
Latest reply on Jan 12, 2016 by csgeosol1

This is the companion thread to Application-level token authentication

 

In short, I was successful in creating secured services and authenticating at the application level - somewhat! There's a peculiar behavior I haven't quite nailed-down - maybe someone has experienced this before and has an answer...

 

When I use a cold session, e.g. after clearing cache and restarting the browser, and then load the secured service through the mapping app, I receive an authentication pop-up (which I am trying to avoid). If I enter the correct credentials, I receive the message:

 

Unable to access the authentication service.

 

In the console, the error is reported as a 403:

 

code: Forbidden,message:"Proxy is being used for an unsupported service: https://mygisserver/arcgis/tokens/"}}"

 

If I navigate to the REST service in the browser, I am prompted to enter credentials, which authenticates successfully. In the same browser, once the session is established, I can then refresh (ctrl-F5) and see the secured layer without receiving an authentication window. This is the behavior I'm seeking - any user can see the secured service in context of the mapping app, without having to manually enter credentials.

 

Any ideas as to what would cause this? I am using the proxy from the Esri GitHub. I am also keeping the referrer open-ended for now, until I resolve this issue. I don't believe I'm doing anything crazy - right now, I'm just undergoing some POC testing. Here's the pertinent info on how the proxy config looks:

 

<ProxyConfig allowedReferers="*"
             mustMatch="true">
   <serverUrls>
      <serverUrl url="https://mygisserver/arcgis/rest/services"
                 matchAll="true"
                 username="user"
                 password="password"/>
  </serverUrls>

 

Here's how the quick test js looks:

 

var flTest = new FeatureLayer("https://mygisserver/arcgis/rest/services/base_services/test/MapServer/0", {
  id: "points",
  mode: FeatureLayer.MODE_ONDEMAND
});


var simpleJson = {
  "type": "simple",
  "label": "",
  "description": "",
  "symbol": {
  "color": [0, 0, 255, 191],
  "size": 6,
  "angle": 0,
  "xoffset": 0,
  "yoffset": 0,
  "type": "esriSMS",
  "style": "esriSMSCircle",
  "outline": {
  "color": [0, 0, 128, 255],
  "width": 0,
  "type": "esriSLS",
  "style": "esriSLSSolid"
  }
  }
}
var rend = new SimpleRenderer(simpleJson);


flTest.setRenderer(rend);
map.addLayer(flTest);

 

 

I have confirmed SSL is set-up correctly on the dev server where the mapping app is hosted, as well as on the GIS server. The map service is an xy feature event from an MS SQL Server db slice, if that matters at all.

 

Thanks!

Outcomes