AnsweredAssumed Answered

Windows Authentication ArcGIS Enterprise

Question asked by gill.paterson@geoplex.com.au on Dec 9, 2018
Latest reply on Dec 10, 2018 by gill.paterson@geoplex.com.au

We have integrated Active Directory as web tier authentication with Portal, this has given us single sign on with portal. Great! We also have services being accessed through REST. From the articles we have read, we understood that the requirement for authentication would flow through to server, however we can access service > execute task anonymously. Is this a bug or have we missed something?

 

Our architecture:

 

Load Balancer = https://gis.xxx.xxx

 

- Machine 1: Web Adaptor/ Portal (gisportal - IIS authentication set to Windows Auth only, Anon Access disabled)

- Machine 2: Web Adaptor/ Portal (gisportal - IIS authentication set to Windows Auth only, Anon Access disabled)

 

- Machine 3: ArcGIS Server (gissite)

- Machine 4: ArcGIS Server (gissite)

 

https://gis.xxx.xxx/gisportal/home - Pop up for Windows Authentication works and authenticates correctly. Users can access content shared to them.

https://gis.xxx.xxx/gissite/rest/services - This home, first, level can be accessed without authentication. Clicking on a folder to move to the next level down prompts an authentication pop up.

https://gis.xxx.xxx/gissite/rest/services/folder/name/server/layer - This last level can be accessed without authentication and the function returns a result, without authentication.

 

Any help is welcome, hopefully we haven't grossly misunderstood the docs.

 

Thanks

Outcomes