custom java identity store for 10.1

PaulHastings1 · ‎02-16-2013

we're trying to integrate an existing, complex authentication system (using passwords, LDAP, google/facebook/etc authentication depending on the user) into arcGIS server. we don't actually need arcGIS manager to manage this as its an existing system w/working management tools in place. we were hoping that we could just implement the validateUser method, is this the case? or do we need to implement more methods?

thanks.

RichardWatson · ‎02-17-2013

I have implemented a custom ASP.NET security provider so I can speak to that.

ArcGIS Server Manager exposes a set of functionality related to creating, authenticating, finding, etc. users & groups. Some of the functionality is absolutely required, e.g. authenticate user, is user a member of a group, etc. Other pieces are optional, e.g. create user. I didn't implement creation functionality because I expect that to be done in another system but I did implement all the logic which allows the administrator to find/search users and groups.

I seem to recall that the samples had comments with regards to what was required and what was not but I don't think that they were precisely correct.

Best of luck!

PaulHastings1 · ‎02-17-2013

thanks for that, yes i was kind of working to that conclusion (tried to get away w/just validateUser method but the secured service wouldn't even start). the java example implements everything (except passwords or the server itself is hiding that somewhere else) & the docs aren't very informative (the install bits have nothing to do w/anything, several people read them & understood that arcgis manager was somehow involved--its not, just manually edit a config file).

know its possible is half the battle.

thanks again.

PaulHastings1 · ‎02-22-2013

still struggling w/this.

stupid question time: is securing a service in the root folder a no-no? seems that makes arcGIS server unstable to the point that its crashing IIS default app pool & croaking my other app servers (coldfusion, etc.).

thanks.

RichardWatson · ‎02-22-2013

I always secure the root folder such that only authenticated users have access.

See attached image.

PaulHastings1 · ‎02-24-2013

we've had a staging & a dev server (10.1) both start doing tequila shots if we mess w/services in the root.

i don't see anything in the docs but should we be securing folders instead of services?

thanks.