AnsweredAssumed Answered

bypass signin with hardcoded credentials

Question asked by jeff.pace on Mar 28, 2014
Latest reply on Mar 28, 2014 by jeff.pace
Using token managed security, trying to bypass login with hardcoded credentials for intranet users. For some reason, even though the token comes back clean and the credential object is created, the login box still pops up? Shouldn't the IdentityManager know a token has been created and use it? I thought that is what the esri.id.initialize did

                            function initPredefinedSecurity() {
//alert('in initPredefinedSecurity');
                                serverInfo = new ServerInfo();
                                serverInfo.server = 'https://www.mymanatee.org/arcgis03';
                                serverInfo.tokenServiceUrl = 'https://www.mymanatee.org/arcgis03/tokens/generateToken';
                                serverInfo.shortLivedTokenValidity = 720;
                                esri.id.registerServers([serverInfo]);
                                var def = esri.id.generateToken(serverInfo, {"username": "util", "password": "util"});

                                def.addCallback(lang.hitch(this, function (tokenInfo) {
                                    
    //var idBase = new IdentityManagerBase();
           //get token creation time in epoch
                                var creationTime = (new Date).getTime();
                                                //calculate the token expiration based on short lived token validity
                                var expirationTime = creationTime + (serverInfo.shortLivedTokenValidity * 60000);
                                                //create array of secured services 
                                               
                        
                                var idObject ={};
                                idObject.serverInfos= [serverInfo];
                                var credentials={};
                                credentials.userId = "util";
                                credentials.server = "https://www.mymanatee.org/arcgis03";
                                credentials.token = tokenInfo.token;
                                credentials.expires = expirationTime;
                                credentials.ssl = true;
                                credentials.creationTime = creationTime;
                                
                                
                                idObject.credentials = [credentials];
                                console.dir(idObject);
                               //credential object is correct
                                    esri.id.initialize(idObject);
                                //sign in dialog pops up
    
                                }));
                            };

Outcomes