How to securely authenticate with Arcgis Server using username && password
See original GitHub issue- Version of Leaflet (
L.version
):
1.4.0
- Version of esri Leaflet (
L.esri.VERSION
):
2.2.3
Hi, I’m using this tutorial from the doc to authenticate to an ArcGIS server and then retrieve a DynamicMapLayer. The tutorial shows how to authenticate by hardcoding the credentials in the application.
I’m using one of my company’s account and I’d like to secure it so no user of the web application can get them and use them without our knowledge nor our consent for another purpose. We still want to login to this service using our own account though and not force users to create a personnal ArcGIS account.
Does esri-leaflet offer a way to authenticate to an ArGIS service on the server side of the application ? This would avoid lots of complications trying to hide the credentials on the client-side…
Thank you
Issue Analytics
- State:
- Created 4 years ago
- Comments:5 (3 by maintainers)
Top Results From Across the Web
Security and authentication | Documentation
If you wish to authenticate using an ArcGIS Enterprise account, you can use ArcGIS identity, application credentials, and other ArcGIS identity ...
Read more >How To: Add secure ArcGIS Server services as items in ...
Procedure · Add a username in Enter username box, and password in Enter password box with the credentials for an ArcGIS Online account...
Read more >Configure security settings—Portal for ArcGIS (10.7 and 10.7.1)
Configure a list of portals (for example https://otherportal.domain.com/arcgis) with which you want to share secure content. This will allow members of your ...
Read more >Best practices for configuring a secure environment—ArcGIS ...
Requesting and configuring your own server certificate · Restricting file permissions · Disabling the primary site administrator account · Defining the shared key ......
Read more >Best practices for configuring a secure environment
When securing ArcGIS Server, it's important that the environment ArcGIS Server runs in be ... Its name and password are recognized only by...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
About the Esri Master Agreement : I got in touch with the person in charge at my company. The MapService we use from Esri is public (the concerned data originally comes from the NOAA) so we can share it without infringing any terms of use if we give it for free.
About securing the credentials inside the web app : I think we will instead get the data directly from this api which is free of use and doesn’t require any token or authentication process.
Thanks for your help
@pmacMaps from the sound of it @Djohn12 wants to display secure services without asking users to login.
@Djohn12 if i’ve got that right, you most certainly are not the first person to have asked such a question. INAL, but it sounds like a violation of the Esri Master Agreement:
this does not mean that folks must sign in each and every time they view private content in your own application. Whether you use a built-in identity store or a SAML provider, there are techniques you can use to persist a user’s login.