How to extend the IdentityManger or IdentityManagerBase

845
2
02-22-2013 12:25 PM
by Anonymous User
Not applicable
Hello all,

Does anyone know how it would be possible change the appearance and behaviour of the IdentityManager?  I'm making a module that in theory can be used in any application that has a map using the JavaScript API.  When it connects to secured services, it is possible to let the IdentityManager work automatically.  However, there are a couple things I'd like to be able to control.  First, it would be ideal to change the appearance of the login prompt, so that it is clear that the login is related to the module I've created.  Otherwise, users need to recognize the url displayed in the IdentityManager in order to know what credentials to input.

The other problem is how to handle HTTPS encryption of secure logins.  The web page that loads the module is loaded using HTTPS, then there's no problem.  But if the module I create needs to be usable within an unencrypted web page, browser security limits our options for sending/receiving data to an HTTPS service from JavaScript.

The only workaround I can think of for maintaining encryption when sending username/passwords is to securely submit the login information through HTTPS in a hidden IFRAME to a script that generates tokens on the server.  The document that loads inside the iframe can then redirect to a non-encrypted location with the token in the URL, which the parent document can access.  If I use this method, I can create an IdentityManager JSON object that contains the token information and call esri.id.initialize( ... ).  Everything works fine at this point, using the token for secured services.

However, what should I do to deal with the expiry of tokens?  Should I just create tokens with very long expiration limits, and not worry about it...or is there a way to control what the identity manager does when it comes time to refresh a token?
0 Kudos
2 Replies
MattLane
Occasional Contributor II
To respond to your first question, the api says that you can access (and modify) the dialog after the onDialogCreate() event. If I wanted to do that, I would hide the serverLink and resLink classes of the dialog and append/prepend what you wanted to change the prompt to.
0 Kudos
JohnGrayson
Esri Regular Contributor
If you want to modify the text displayed in the dialog, look at 'esri.bundle.identity.info' string.  Event though the '${server}' and '${resource}' template parts must be present, but you can hide them via css.  Also, the dialog and buttons are available to manipulate only after the dialog is created.

esri.bundle.identity.info = "Please sign in to MYSITE.<span class='dijitOffScreen'>${server}${resource}</span>";
dojo.connect(esri.id,'onDialogCreate',function(){
  esri.hide(esri.id.dialog.closeButtonNode);
  esri.hide(esri.id.dialog.btnCancel_.domNode);
});
0 Kudos