how to tell client app that a service should use the proxy?

ericliprandi · ‎03-05-2013

Hi,
We have implemented the proxy approach to provide token-based authentication without passing tokens down to the client. This works great. However, the approach seems to have a major flaw: it requires that ALL traffic be routed to the proxy (using esri.config.defaults.io.alwaysUseProxy = true). This ends up having a pretty bad impact on the performance of tile services from ArcGIS.com (to the point where we will likely not recommend using them as it is).

This seems to be a simple question, but is there a way to tell the esri client javascript which services/layers should be proxy-ed? I'd rather have a white-list vs. black-list approach for now.

Thanks for the help,

Eric.

RahulMetangale1 · ‎03-05-2013

Hi Eric,

why don't you use identity manager instead which will determine when to use proxy for the service. Or if that is not possible I would suggest setting alwaysUseProxy to false globally, and then before adding the secured layer to map or performing any operation related to it set alwaysUseProxy to true and when operation is complete reset the alwaysUseProxy to false.

I agree this is not the best approach but it works.

ericliprandi · ‎03-06-2013

Rahul,
Thanks for the info, but I must be missing how this would help? Is the IdentityManager used to determine if the request should be proxied? Even at 3.3, there is still no sample that uses IdentityManagerBase to show how it can/should be used.
We would like to avoid having to pass the token down to the client. The example you provided for my previous post shows client-side provided credentials. Users of the app will log into the WebApp, not ArcGIS Server. Furthermore, the proxy approach allows us to leave the ArcGIS server out-of-sight and only open 1 port/IP address in the firewall.
Any code sample for 3.1 or up that could get me started?

Regards,

Eric