hzhu

Identity Manager for server  10.1

Discussion created by hzhu on Jan 4, 2013
Just return to JS API recently, and working on access secured map services. Because of the use of web adapter plus reverse proxy, the previous app on access secured map service no longer worked. It took me a while to find a workable solution to use identity manager to access secured map services. Here i shared with peers hoping it could save you some time.

For pre 10.1 server, this is how i used Identity manager for login to secured map service.
1. include  dojo.require("esri.IdentityManager") in your javescript
2. in your proxy.config, add one serverUrl: <serverUrl url="https://your web site/serverinstance(arcgis as default)/token" matchAll="true"></serverUrl>
and you all set. if you add a secured map service to you map without token, the identity manager will pop up asking login before loading it to the map.

For 10.1 server. I found i need to do more steps: Here is how i did ( it may not work or unnecessary for you case):
1. include  dojo.require("esri.IdentityManager") in your javescript
2. in your proxy.config, add one serverUrl: <serverUrl url="https://your web site/serverinstance(arcgis as default)/tokens/generateToken" matchAll="true"></serverUrl>
Question: how do you know what url i shoud put in? Answer: It is sample: type the security secured service to the web browser address, it will redirect you to the ArcGIS Server REST API Login page. click Get Token link on top right of the page, it will direct you to the ArcGIS Token Service Page. Click the Generage Token button without putting any credentials, it will lead you to another page. Copy the page address from the address bar.  That address is the one u need to put in the serverUrl - like the above one-https://your web site/serverinstance(arcgis as default)/tokens/generateToken. The address "defines the secure service and token endpoints" so that it knows where to varify and authorize your authentication.
3. Because of redirect of the web adapter and/or web reverse proxy,  the identity manager may not work properly when access secured service, In my case, the identity manager display an error message saying: "Unable to access the authentication service".
It tell you that the identity manager cannot determine the locatation of the secure server and token endpoint. In this case you need to register secure servers and the token endpoints By adding the following code block to the init function:

.....
dojo.require("esri.IdentityManagerBase");

function init(){
          var serverInfo = new esri.ServerInfo();
          serverInfo.server = 'https://your web site';
          serverInfo.tokenServiceUrl = 'serverUrl in step 2';
          esri.id.registerServers([serverInfo]);
          ......
}


Hope it will help!

Outcomes