The user store or the identity store is a repository of user accounts and credentials. ArcGIS Server connects to the user store to authenticate a user requesting access to a resource.
In addition to connecting to your enterprise user store such asWindows Domain or any other directory service that supports an LDAP interface, ArcGIS Server also ships with a built-in storage mechanism where you can create your user accounts.
ArcGIS Server requires you to configure a user store while setting up security on your site.
Response properties
LDAP Properties | Details |
---|---|
ldapURLForUsers | The LDAP URL pointing to the user accounts. Example
|
memberOfAttributeInUsers | The attribute of the user entry that contains role information. Example
|
usernameAttribute | The attribute of the user entry that is to be treated as the username. Example
|
adminUser | The administrative account to the LDAP that has at least read access. Example
|
adminUserPassword | The credentials for the administrative account. Example
|
WINDOWS Properties | Details |
---|---|
adminUser | The administrative account to the LDAP that has at least read access. Example
|
adminUserPassword | The credentials for the administrative account. Example
|
CUSTOM Properties | Details |
---|---|
class | The fully qualified name of the Java class that implements custom access to the user store. Example
|
... | Any custom properties that are required by your class. |
JSON Response syntax
{
"type": "<BUILTIN | WINDOWS | LDAP | CUSTOM>",
"properties": "<properties>"
}
JSON Response example
The JSON representation of a connection to LDAP:
{
"type": "LDAP",
"properties": {
"userPassword": "secret",
"isPasswordEncrypted": "false",
"user": "uid=admin,ou=system",
"userFullnameAttribute": "displayName",
"userGivenNameAttribute": "givenName",
"userSurnameAttribute": "sn",
"ldapURLForUsers": "ldap://ldapserver:10636/ou=users,ou=ags,dc=example,dc=com",
"userEmailAttribute": "mail",
"usernameAttribute": "uid",
"caseSensitive": "false",
"userSearchAttribute": "dn",
}
}
The JSON representation of a connection to Windows Domain users:
{
"type": "WINDOWS",
"properties": {
"userPassword": "secret",
"isPasswordEncrypted": "false",
"user": "mydomain\\winaccount",
"userFullnameAttribute": "displayName",
"userEmailAttribute": "mail",
"userGivenNameAttribute": "givenName",
"userSurnameAttribute": "sn",
"caseSensitive": "false"
}
}