sarahclark

Passing IIS Web Authentication details from PHP login page to secured services in app

Discussion created by sarahclark on Apr 23, 2014
I am using a PHP login page (in front of a map application) using Web Authentication through IIS 7.5, and Active Directory manages the allowed users and their credentials. This login page starts a PHP Session to unlock all subsequent secure sites. However our web services need to be secured through our ArcGIS Server, so as users move onward they will be challenged for credentials again by the ArcGIS Server.

I am a newb and stuck at how the 'Negotiate' authentication from IIS (on the PHP site) can be used to also unlock the 'Web Tier' authentication on the ArcGIS Server so that users only enter their credentials once on the initial login page. This will be necessary for users not on the intranet. Is it possible? Maybe I should use this approach: hard code token.

Thanks for any thoughts!

Outcomes