[Android] setCredentials for WMSLayer doesnt work in 100.7.0

EliaszK · ‎05-05-2020

Hi,

I am trying to load the Layer which is secured by a token. I have credentials to generate them and the URL.

I am using

UserCredential userCredential = new UserCredential(user, pass, tokenUrl)
ArcGISMapImageLayer dynamicLayer = new ArcGISMapImageLayer(ms.getServiceUrl());
dynamicLayer.setCredential(userCredential);
dynamicLayer.setRequestConfiguration(requestConfiguration);

And I am getting as response: 401 Unauthorized. Token Require.

Lib doesn't even try to make a request, and generate token before loading layer. I checked it in Proxyman.

In previous (10.x) library I used

UserCredentials userCredentials = new UserCredentials();
userCredentials.setTokenServiceUrl(tokenUrl)
userCredentials().setUserAccount(user, pass)
ArcGISFeatureLayer featureLayer = new ArcGISFeatureLayer(url, mode, userCredentials);

Lib made a call to {tokenUrl},
Then it was loading layer with parameter {token} in URL.

There is any possibility to fix this issue? Same situation with WMSLayer, ServiceFeatureTable, ArcGISMapImageLayer, ArcGISTiledLayer.

XuemingWu · ‎05-06-2020

Hello,

Not like our 10.x SDK, the third parameter of constructor UserCredential(username, password, referer) in 100.7.0 specifies a referer. The 100.x SDK will figure out the url of generateToken endpoint for you. There is no need to specify it. Could you try to use the other constructor constructor UserCredential(username, password) which takes two parameters? I also want to know what request configuration you set on the following line. Request configuration will impact the request sent to load the layer.

dynamicLayer.setRequestConfiguration(requestConfiguration);

Generally, setting a credential on a layer of feature table should work in our 100.x and 10.x Android SDKs. But the patterns and workflows do have some changes since 100.1.0 release. For more info on how to work with security with 100.x SDK please check out the following guide doc and samples.

Authentication Manger

Token Authentication sample

Authentication with OAuth

IWA Authentication sample

Regards,

View solution in original post

XuemingWu · ‎05-06-2020

Hello,

Not like our 10.x SDK, the third parameter of constructor UserCredential(username, password, referer) in 100.7.0 specifies a referer. The 100.x SDK will figure out the url of generateToken endpoint for you. There is no need to specify it. Could you try to use the other constructor constructor UserCredential(username, password) which takes two parameters? I also want to know what request configuration you set on the following line. Request configuration will impact the request sent to load the layer.

dynamicLayer.setRequestConfiguration(requestConfiguration);

Generally, setting a credential on a layer of feature table should work in our 100.x and 10.x Android SDKs. But the patterns and workflows do have some changes since 100.1.0 release. For more info on how to work with security with 100.x SDK please check out the following guide doc and samples.

Authentication Manger

Token Authentication sample

Authentication with OAuth

IWA Authentication sample

Regards,

EliaszK · ‎06-05-2020

The 10.x lib was working with http~~://server/arcgis/rest/info wich was secured.~~

In 100.x lib we had to remove token based authentication.

I am leaving it as a hint for other developers.

XuemingWu · ‎06-05-2020

Hi Eliasz,

Thank you for your feedback. We would like to help and understand why token-based authentication didn't work for you. Could you share more info about your server such as version and if it is federated with a server? And could you share some code snippets?

Regards,

Nicholas-Furness · ‎06-16-2020

Hi Eliasz K‌,

I'm not sure what your hint is for other developers: there is no need to remove token authentication.

Runtime 100.x handles token authentication for all the layer types you list in your original post and, as Xueming mentioned, if this isn't working then we would like to understand why and help you get it working. Could you share the information she asked for in her reply above? If there's a bug, we need to fix it. If there's a nuance about how you're approaching authentication that is tripping up the Runtime, then we need to understand if we can improve some documentation and get you on your way.

Let us know!

Nick.