Community

Secure Services over  https

3131
8
08-01-2012 12:37 PM
LaurynasGedminas
by
New Contributor
‎08-01-2012 12:37 PM
Hey,
Having problems accessing secure services thru SSL enabled site  https://<arcserver>:6443/arcgis/rest/services
in JavaScript API and arcgis.com, i get the message: "Unable to access the authentication service".
I dint had this problem before SSL was enable.
I am using Identify manager and ArcServer 10.1.

Flex viewer,ArcExplorer,ArcMap has no problem with secure services

Thanks,

Laurynas Gedminas
0 Kudos
8 Replies
MostafaFouly
by
New Contributor
‎08-02-2012 02:13 AM
well there're 2 ways to secure ArcGIS server services:
token based.
services secured with http, which is your case.


check "Services secured with HTTP/Windows authentication" section:
http://help.arcgis.com/en/webapi/javascript/arcgis/help/jshelp_start.htm#jshelp/ags_secureservices.h...

since you're using a client side language, the first option in the section won't work with you, so you've to stick to the first one i guess.
0 Kudos
MostafaFouly
by
New Contributor
‎08-02-2012 02:24 AM
out of curiosity, do you have SSL Certificate installed?

check "Determining whether a SSL certificate is installed" to see if it's installed or not
http://webhelp.esri.com/arcgisserver/9.3/dotnet/index.htm#securing_internet_conn.htm
0 Kudos
LaurynasGedminas
by
New Contributor
‎08-02-2012 04:08 AM
out of curiosity, do you have SSL Certificate installed?

check "Determining whether a SSL certificate is installed" to see if it's installed or not
http://webhelp.esri.com/arcgisserver/9.3/dotnet/index.htm#securing_internet_conn.htm


SSL was installed for ArcServer and IIS.
Using JavaScript API Identity manager to communicate with authentication service on ArcServer identity store.
If services are not secure Java client can see the services.

Laurynas
0 Kudos
MostafaFouly
by
New Contributor
‎08-06-2012 05:04 AM
did you require that users of your application employ HTTPS when accessing it? is the 1st option not working with you?

you can try using the token authentication option as well, i tried it before and it's quite simple to implement, check the following sample:
https://servicesbeta.esri.com/security/index.html
0 Kudos
p_thibault
by
New Contributor
‎09-14-2012 07:27 AM
Hey,
Having problems accessing secure services thru SSL enabled site  https://<arcserver>:6443/arcgis/rest/services
in JavaScript API and arcgis.com, i get the message: "Unable to access the authentication service".
I dint had this problem before SSL was enable.
I am using Identify manager and ArcServer 10.1.

Flex viewer,ArcExplorer,ArcMap has no problem with secure services

Thanks,

Laurynas Gedminas


Have you resolved this yet?  I am having the same exact issue.  SSL is set, Roles and Users are ok.  I can test this through the REST services login page. But the IdentityManager widget gives me a "unable to access the authentication service". when trying to access from a web application.
0 Kudos
JeffPace
by MVP Alum
MVP Alum
‎09-14-2012 08:31 AM
Have you resolved this yet?  I am having the same exact issue.  SSL is set, Roles and Users are ok.  I can test this through the REST services login page. But the IdentityManager widget gives me a "unable to access the authentication service". when trying to access from a web application.


have you registered you server with the identity manager? at 2.6 (i believe) and below it would guess, now you have to explicitly set it

function initSecurity() {

                        var serverInfo = new esri.ServerInfo();
                        serverInfo.server = '<https server>';
                        serverInfo.tokenServiceUrl = '<https server>/arcgis/tokens/generateToken';
                        esri.id.registerServers([serverInfo]);

                };
0 Kudos
p_thibault
by
New Contributor
‎09-17-2012 11:47 AM
I do not want to hijack this thread,

But...I have read a good deal of documentation on security... but is there a condensed checklist for implementing the identitymanager on IIS7.  I seem to be going in circles.  I am sure it is something simple.

The variables are: IIS7, Arcgis Server 10.1, Javascript 3.0.  (Server Certificate for SSL is on).

For a non-security person, reading the various ways of implementing security seems to all blend....it is not always easy to determine what method someone is trying to use to ascertain if it applies to identitymanager.

Many thanks.
0 Kudos
LaurynasGedminas
by
New Contributor
‎11-08-2012 11:42 AM
Kinda dropped on this issue since client wants Flex site only.
On other hand if you use original port 6080 with SSL enabled on the Web Server, i was able to connect to the services thru
https://localhost:6080

Thanks,
Laurynas
0 Kudos