Community
Select to view content in your preferred language

bypass signin with hardcoded credentials

1413
3
03-28-2014 12:00 PM
JeffPace
by MVP Alum
MVP Alum
‎03-28-2014 12:00 PM
Using token managed security, trying to bypass login with hardcoded credentials for intranet users. For some reason, even though the token comes back clean and the credential object is created, the login box still pops up? Shouldn't the IdentityManager know a token has been created and use it? I thought that is what the esri.id.initialize did

                            function initPredefinedSecurity() {
//alert('in initPredefinedSecurity');
                                serverInfo = new ServerInfo();
                                serverInfo.server = 'https://www.mymanatee.org/arcgis03';
                                serverInfo.tokenServiceUrl = 'https://www.mymanatee.org/arcgis03/tokens/generateToken';
                                serverInfo.shortLivedTokenValidity = 720;
                                esri.id.registerServers([serverInfo]);
                                var def = esri.id.generateToken(serverInfo, {"username": "util", "password": "util"});

                                def.addCallback(lang.hitch(this, function (tokenInfo) {
                                    
    //var idBase = new IdentityManagerBase();
           //get token creation time in epoch
                                var creationTime = (new Date).getTime();
                                                //calculate the token expiration based on short lived token validity
                                var expirationTime = creationTime + (serverInfo.shortLivedTokenValidity * 60000);
                                                //create array of secured services 
                                               
                        
                                var idObject ={};
                                idObject.serverInfos= [serverInfo];
                                var credentials={};
                                credentials.userId = "util";
                                credentials.server = "https://www.mymanatee.org/arcgis03";
                                credentials.token = tokenInfo.token;
                                credentials.expires = expirationTime;
                                credentials.ssl = true;
                                credentials.creationTime = creationTime;
                                
                                
                                idObject.credentials = [credentials];
                                console.dir(idObject);
                               //credential object is correct
                                    esri.id.initialize(idObject);
                                //sign in dialog pops up
    
                                }));
                            };
0 Kudos
3 Replies
ReneRubalcava
by
Honored Contributor
‎03-28-2014 12:11 PM
Could it be the map is loading before this line has a chance to run.
def.addCallback(lang.hitch(this, function (tokenInfo) {...}))


I can't tell when the initPredefinedSecurity() executes, but if you want to be sure it runs before the map loads, maybe try returning a promise so you can do

initPredefinedSecurity().then(function() { /*map load goodies*/ });


Again, I could be totally misunderstanding the sequence of events you have going here.
0 Kudos
JeffPace
by MVP Alum
MVP Alum
‎03-28-2014 12:15 PM
you are mostly right.  THey were loading simultaneously

I changed it to 

esri.id.initialize(idObject).then(lang.hitch(function() {
initMap();
}));


and it looks like esri.id.initialize is never coming back?
0 Kudos
JeffPace
by MVP Alum
MVP Alum
‎03-28-2014 12:41 PM
got it, but i don't know why

had to change

credentials.ssl = false;

but i am using all ssl, so no idea why
0 Kudos