AnsweredAssumed Answered

WebAdaptor authentication and CORS do not work

Question asked by dnc on Aug 18, 2017
Latest reply on Dec 1, 2017 by jgonsoski

So, I'm starting to think CORS support is broken in JS API 3.21, or does not support using a webadaptor with windows integrated authentication.

Has anyone have a setup like this working? If so can you share how you made it work? Is there any documentation about this combo?

 

I will try to be clear and concise with the details.

 

Server: windows 2012, with webadaptor with windows authentication, arcgis server 10.5, authentication web tier, windows authentication; webadaptor with windows authentication on.

 

Web app with esri js 3.21, with windows authentication (same domain).

 

My web app works fine. There's a first request that fails with 401: 

https://server/webadaptor/rest/info?f=json

 

Then requests to my mapservice work fine, and use callback=dojo.io.script.jsonp_dojoIoScript1._jsonpCallback in the querystring.

 

When I add my server to esriConfig.defaults.io.corsEnabledServers, things break.

There is only 1 request to my mapservice.

It fails with 401 Unauthorized. And nothing else is loaded from the webadaptor:

 

https://server/webadaptor/rest/services/servicename/MapServer?f=json&dpi=96&transparent=true&format=png8

 

As you can see, no callback is used.

 

Request headers:


Accept:*/*
Accept-Encoding:gzip, deflate, br
Accept-Language:pt-PT,pt;q=0.8,en-US;q=0.6,en;q=0.4,es;q=0.2
Cache-Control:no-cache
Connection:keep-alive
Content-Type:application/x-www-form-urlencoded
Host:sigims2.edia.pt
Origin:https://dev1.domain.pt
Pragma:no-cache
Referer:https://dev1.domain.pt/
User-Agent:Mozilla/5.0 (

 

Response Headers:

 

Access-Control-Allow-Origin:*
Content-Length:1293
Content-Type:text/html
Date:Fri, 18 Aug 2017 14:54:17 GMT
Server:Microsoft-IIS/7.5
WWW-Authenticate:Negotiate
WWW-Authenticate:NTLM
X-Powered-By:ASP.NET

 

Request:

 

Request URL:https://server/webadaptor/rest/services/mapservice/MapServer?f=json&dpi=96&transparent=true&format=png8
Request Method:GET
Status Code:401 Unauthorized
Remote Address:x.x.x.x:443
Referrer Policy:unsafe-url

 

 

IIS Log says no username is given in the request, and the error is 401 2 5 2.

 

Any help much appreciated.

 

Cheers,

Duarte

Outcomes