Integrated Windows Authentication

View inUWPWPFWinUIView on GitHub

Connect to an IWA secured Portal and search for maps.

Image of integrated windows authentication

Use case

Your organization might use Integrated Windows Authentication (IWA) to secure ArcGIS Enterprise. This can be useful because the same credentials used to log into your work computer and network can be used to authenticate with ArcGIS. IWA is built into Microsoft Internet Information Server (IIS) and works well for intranet applications but isn't always practical for internet apps.

How to use the sample

  1. Enter the URL to your IWA-secured portal.
  2. Click the button to search for web maps stored on the portal.
  3. If authentication is successful, portal items will display in the list.

How it works

  1. The currently logged in Windows account will be used to authenticate portal access.
  2. An ArcGISNetworkCredential object is created.
  3. If the user authenticates, the search returns a list of web maps (ArcGISPortalItem).

Relevant API

  • ArcGISNetworkCredential
  • ArcGISPortal

About the data

This sample searches for web map portal items on a secure portal. To successfully run the sample, you need access to a portal secured with Integrated Windows Authentication that contains one or more web map items and credentials which grants you access to that portal.

Additional information

IWA, which is built into Microsoft Internet Information Server (IIS), works well for intranet applications but isn't always practical for internet apps.

More information about IWA and its use with ArcGIS can be found at the following links:

Tags

authentication, Portal, security, Windows

Sample Code

IntegratedWindowsAuth.xaml.csIntegratedWindowsAuth.xaml.csIntegratedWindowsAuth.xaml
Use dark colors for code blocksCopy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
// Copyright 2018 Esri.
//
// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.
// You may obtain a copy of the License at: http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific
// language governing permissions and limitations under the License.

using Esri.ArcGISRuntime.Mapping;
using Esri.ArcGISRuntime.Portal;
using Microsoft.UI.Xaml;
using Microsoft.UI.Xaml.Controls;
using System;
using System.Linq;
using System.Text;

namespace ArcGIS.WinUI.Samples.IntegratedWindowsAuth
{
    // Important:
    //    You must add the "Private Networks" capability to use Integrated Windows Authentication (IWA)
    //    in your UWP project. Add this capability by checking "Private Networks (Client and Server)"
    //    in your project's Package.appxmanifest file.
    [ArcGIS.Samples.Shared.Attributes.Sample(
        name: "Integrated Windows Authentication",
        category: "Security",
        description: "Connect to an IWA secured Portal and search for maps.",
        instructions: "1. Enter the URL to your IWA-secured portal.",
        tags: new[] { "Portal", "Windows", "authentication", "security" })]
    public partial class IntegratedWindowsAuth
    {
        private ArcGISPortal _iwaSecuredPortal = null;

        public IntegratedWindowsAuth()
        {
            InitializeComponent();
        }

        // Search the IWA-secured portal for web maps and display the results in a list.
        private async void SearchSecureMapsButtonClick(object sender, RoutedEventArgs e)
        {
            var messageBuilder = new StringBuilder();

            // Indicate through UI that authentication is being attempted.
            SearchSecureMapsButton.IsEnabled = false;
            ProgressStatus.Visibility = Visibility.Visible;

            try
            {
                // Get the value entered for the secure portal URL and format as a URI.
                string securedPortalUrl = SecurePortalUrlTextBox.Text.Trim();
                var securedPortal = new Uri(securedPortalUrl);

                // Show status message and the progress bar.
                AuthenticationMessages.Text = "Attempting authentication and searching for web maps at " + securedPortal.AbsoluteUri;
                ProgressStatus.Visibility = Visibility.Visible;

                // Create an instance of the IWA-secured portal.
                _iwaSecuredPortal = await ArcGISPortal.CreateAsync(securedPortal);

                // Report the user name used for this connection.
                if (_iwaSecuredPortal.User != null)
                {
                    messageBuilder.AppendLine("Connected as: " + _iwaSecuredPortal.User.UserName);
                }
                else
                {
                    // Note: This shouldn't happen for a secure portal!
                    messageBuilder.AppendLine("Anonymous");
                }

                // Report connection info.
                messageBuilder.AppendLine("Connected to the portal on " + _iwaSecuredPortal.Uri.Host);

                // Search the portal for web maps.
                var items = await _iwaSecuredPortal.FindItemsAsync(new PortalQueryParameters("type:(\"web map\" NOT \"web mapping application\")"));

                // Add map names to the list box.
                var resultItems = from r in items.Results select new ListBoxItem { Tag = r.ItemId, Content = r.Title };
                foreach (var itm in resultItems)
                {
                    MapItemListBox.Items.Add(itm);
                }

                // Make the ListBox visible now that it has been populated.
                MapItemListBox.Visibility = Visibility.Visible;

                // Update UI to reflect authenticated state.
                AuthenticationBorder.Visibility = Visibility.Collapsed;
                PostAuthenticationBorder.Visibility = Visibility.Visible;
                PostAuthenticationMessages.Text = messageBuilder.ToString();

                // Load the first portal item by default (calls ListBoxSelectedIndexChanged).
                MapItemListBox.SelectedIndex = 0;
            }
            catch (Exception ex)
            {
                // Report errors.
                messageBuilder.AppendLine(ex.Message);
                AuthenticationMessages.Text = messageBuilder.ToString();
            }
            finally
            {
                // Hide progress bar.
                ProgressStatus.Visibility = Visibility.Collapsed;
            }
        }

        private async void ListBoxSelectedIndexChanged(object sender, SelectionChangedEventArgs e)
        {
            // Clear status messages.
            PostAuthenticationMessages.Text = string.Empty;

            // Store status (or errors) when adding the map.
            var statusInfo = new StringBuilder();

            try
            {
                // Clear the current Map.
                MyMapView.Map = null;

                // Get the portal item ID from the selected list box item (read it from the Tag property).
                var itemId = (MapItemListBox.SelectedItem as ListBoxItem).Tag.ToString();

                // Use the item ID to create a PortalItem from the appropriate portal.
                var portalItem = await PortalItem.CreateAsync(_iwaSecuredPortal, itemId);

                // Create a Map using the web map (portal item).
                MyMapView.Map = new Map(portalItem);

                // Report success.
                statusInfo.AppendLine("Successfully loaded web map from item #" + itemId + " from " + _iwaSecuredPortal.Uri.Host);
            }
            catch (Exception ex)
            {
                // Add an error message.
                statusInfo.AppendLine("Error accessing web map: " + ex.Message);
            }
            finally
            {
                // Show messages.
                PostAuthenticationMessages.Text = statusInfo.ToString();
            }
        }

        // Enable the search button if the entered URL is in the correct format.
        private void SecurePortalUrlTextBox_TextChanged(object sender, TextChangedEventArgs e)
        {
            SearchSecureMapsButton.IsEnabled = Uri.IsWellFormedUriString(SecurePortalUrlTextBox.Text.ToString().Trim(), UriKind.Absolute);
        }
    }
}

Your browser is no longer supported. Please upgrade your browser for the best experience. See our browser deprecation post for more details.