Secured map service doesn't work in VS 2010.

weiliang · ‎06-08-2010

I try to upgrade our VS from 2008 to 2010. By creating a most easy silverlight Website, I try to see if the VS 2010 works. However, our secured map service (accessed by using proxy page and published on AGS 9.3.1) can not be successfully embedded in VS 2010 (either silverlight 3.0 with ESRI API 1.2 or silverlight 4.0 with ESRI API 2.0) (IE shows "Unauthorized access") .

BTW, with the same procedures and proxy files, the secured service can be successfully embedded in VS2008 created website.

I think this is a bug in ESRI silverlight API. Could someone tell me if you have the same problem?

Thanks,

Wei

dotMorten_esri · ‎06-08-2010

I don't understand what the issue is with VS2010. The Silverlight application doesn't run in VS2010, but runs in the browser. Could you clarify?

weiliang · ‎06-08-2010

Yes, you are right. The website runs in the browser. But if I use VS 2010 (trail version) to develop website with our secured map service, the browser can not display the map. (BTW, I'm not a new user to ESRI Silverlight API, and I have used the secured map service in our website without problem in VS 2008 for some time). Could you make a test to see if there is ang bug to consume secured map service in VS 2010?

Many thanks for your reply, Morten.

Wei

DominiqueBroux · ‎06-09-2010

Hi Wei,

It's still unclear to me.
Do you mean:
- that your application developed with VS2010 is not working at all (even outside of VS2010)?
- that your application is working outside of VS2010 but not working if, for example, you try to debug it inside VS2010?
- that you have some issues with the design mode in VS2010 (for example using the server explorer)?

JonHowes · ‎06-09-2010

Can someone please who understands the use of the generic http handler please respond to this thread?

if you are using a secure connection to the REST API you have to use the proxy.ashx and proxy.config files which are supplied by ESRI. Do a search on your site and you will see what he is talking about.

His is not able to use this handler correctly in VS2010. I would assume that it is not working the same as in VS2008.

One thing to check? What version of the framework are you building the application in? If this is a concern I suspect that that 4.0 framework may handle the http handler differently (proxy.ashx). I would first bump the version of the framework down to 3.5 and see if you can get is working there. otherwise it might indeed be a bug.

weiliang · ‎06-09-2010

Thanks for all your kindly reply, Morten, Dominique, and howez. Howez accturally understands my question very well (thanks for your clarification). Within VS 2010 for the secured map service, I have tried all the possibilities (e.g., different browsers; debug mode vs. deploy mode; 3.5 framework vs. 4.0 framework; Silverlight 3 with ESRI 1.2 API vs. Silverlight 4 with ESRI 2.0 API). Still neither one works. BTW, I can consume the non-secured ESRI provided service in VS 2010 without any error, and I can consume the same secured map service in VS 2008 with no problem by using the proxy page.

To answer Domimique's question:
- that your application developed with VS2010 is not working at all (even outside of VS2010)?          Yes
- that your application is working outside of VS2010 but not working if, for example, you try to debug it inside VS2010?   Neither outside nor inside works.
- that you have some issues with the design mode in VS2010 (for example using the server explorer)?   No.

Thanks,

Wei

DarinaTchountcheva · ‎06-09-2010

Hello Wei,

After a week of playing with Secured Map services and Silverlight applications I have now successfully running applications that use the proxy.ashx and proxy.config.
The applications were developed with VS 2008, Silverlight 3, and Silverlight API 1.2 - working with the proxy page.
I used the VS 2010 conversion wizard to convert the applications to Silverlight 4 ( .Net framework 3.5, and Silverlight API 1.2) - the applications are still working, properly using the proxy.ashx. I did not upgrade to Silverlight API 2 beta, because I didn't want to add more problems at this point, so this could be the reason of your issue.

I am not sure what kind of security you are using, but here is what you might watch out for if you are using Windows Authentication (you probably already know this, but just a little review):

- in your proxy.config make sure you add the username, password, and domain, because this is the account that is used by the proxy to authenticate the request to the map service; If you don't specify these, you will get either 401 Unauthorized or 403 Forbidden (can't recall which one). Just debug the proxy.ashx to see where it breaks, and to make sure the request actually go through it. Because I didn't want to add this username ( I want the currently logged in user to access the map services) I added a few lines of code in the proxy.ashx file to pass the default credentials to webRequest_401.
- if you have alias name for the web server, add another serverItem just in case you have used the alias when adding you layer on the map control;
- make sure you specify the ProxyURL attribute for your layers, QueryTasks, IdentifyTasks...;
- in IIS manager uncheck the Anonnymous user in Directory Security for that website;
- make sure you have the correct settings in web.config in the authentication and identity tags.

Hope this helps!

Good Luck!

Darina

weiliang · ‎06-09-2010

Many thanks for your detailed answer, Darina. I am happy to see that you fulfilled this successfully, and sad that I still cann't make mine works. I will do more tests to pinpoint my problem.

Thanks again for everyone's help!

Wei

JonHowes · ‎06-10-2010

Wei,

I put a breakpoint in the proxy.ashx.cs file at the ProcessRequest Method

public void ProcessRequest(HttpContext context)

it was telling me that the context was invalid. After a quick google search I found that this is caused when the app pool managed pipeline mode was set to classic. As soon as I set this to integrated the context was deemed valid and ready for processing. Unfortunately that is as far as I can go right now as the service I connect to is currently down.

I hope this helps. If the service does come back up I will verify.

jon