Greetings,
I'm looking into a way to incorporate row level security, if at all possible on the database side (due to a client's needs), while still using ESRI's rest services.
The scenario is, they have an sde database with several million rows, and about 300 hundred users. Each user will only be able to access certain rows based on their login.
I know ArcGIS manager can be configured to use the ActiveDirectoryProiver, but to secure in this fashion, wouldn't we have to publish several hundred services?
Additionally I've considered using a single service with a spatial view for each user (indexing performance enhancements and all), and publishing them with Map & Feature access, and then limiting access to the different layers through the proxy config.
I'm aware I could simply use the QueryTask along with a where string, but I don't believe the client will be satisfied with this solution.
Also there's the matter of obtaining the security context within the silverlight app - I was planning on just calling a simple web service which would check the Membership provider and get and info I needed from there.
Any thoughts, or suggestions?
Please tell me I'm missing something very simple 🙂
Thanks for any help