A singleton instance to manage authentication. More...
| Header: | #include <AuthenticationManager.h> |
| Since: | Esri::ArcGISRuntime 100.0 |
| Inherits: | Esri::ArcGISRuntime::Object |
Properties
- clientCertificateInfos : const QStringList
Public Functions
| virtual | ~AuthenticationManager() override |
Signals
| void | authenticationChallenge(Esri::ArcGISRuntime::AuthenticationChallenge *challenge) |
| void | clientCertificateInfosChanged() |
| void | clientCertificatePasswordRequired(const QUrl &certificate) |
| void | fetchLoginTypeForUrlCompleted(Esri::ArcGISRuntime::LoginType loginType) |
Static Public Members
| bool | addClientCertificate(const QUrl &clientCertificate, const QString &password = QString()) |
| QStringList | clientCertificateInfos() |
| Esri::ArcGISRuntime::CredentialCache * | credentialCache() |
| void | fetchLoginTypeForUrl(const QUrl &url) |
| Esri::ArcGISRuntime::AuthenticationManager * | instance() |
| bool | isCredentialCacheEnabled() |
| void | setCredentialCacheEnabled(bool enabled) |
Detailed Description
This class allows you to manage authentication/security related tasks.
It emits the authenticationChallenge signal whenever an authentication or security issue is encountered anywhere in the API.
The following challenges can be raised by the AuthenticationManager:
- AuthenticationChallengeType::UsernamePassword - Challenges needing username and/or password authentication.
- AuthenticationChallengeType::OAuth - Challenges needing an OAuth authorization code.
- AuthenticationChallengeType::ClientCertificate - Challenges needing a client certificate to be provided.
- AuthenticationChallengeType::SslHandshake - Challenges needing a response to certain SslError errors, usually an untrusted host due to a self-signed certificate.
To handle authentication challenges in the UI automatically in QML, import the Esri.ArcGISRuntime.Toolkit module and declare the AuthenticationView component.
To see a full example of using the AuthenticationView with the AuthenticationManager, please see the token authentication sample.
It also contains an instance of a CredentialCache which maintains a cache of credentials, in memory, that have been previously used to satisfy authentication challenges. This allows a credential to be reused where appropriate, and prevents unnecessary or duplicate challenges from being issued while accessing secure resources from the same security realm. Caching happens automatically if isCredentialCacheEnabled() is true.
Note: When the user wants to sign out, the CredentialCache::removeAllCredentials() method must be called explicitly to clear the credential cache.
Relevant samples:
- Access portal user info: Retrieve a user's details via a Portal.
- Integrated windows authentication: Uses Windows credentials to access services hosted on a portal secured with Integrated Windows Authentication (IWA).
- Show organization basemaps: Connect to Portal to give users access to their organization's basemaps.
Property Documentation
[read-only] clientCertificateInfos : const QStringList
This property holds the list of client certfication information available from the authentication manager to be used for a client certification authentication challenge (read-only).
Use the index of this list to respond to a client certificate authentication challenge with AuthenticationChallenge::continueWithClientCertificate
Access functions:
| QStringList | clientCertificateInfos() |
Notifier signal:
Member Function Documentation
[override virtual] AuthenticationManager::~AuthenticationManager ()
Destructor.
[static invokable] bool AuthenticationManager::addClientCertificate (const QUrl &clientCertificate , const QString &password = QString())
Adds a client certifcate to the authentication manager by providing a path to a clientCertificate file and and optional password for the certificate.
This function returns true if the certificate was successfully added, or returns false if the certificate file could not be opened or if the password was incorrect.
This function is invokable from QML.
Note: This function can be invoked via the meta-object system and from QML. See Q_INVOKABLE.
[signal] void AuthenticationManager::authenticationChallenge (Esri::ArcGISRuntime::AuthenticationChallenge *challenge)
AuthenticationManager emits this signal when a response from an authentication challenge is required.
Since Esri::ArcGISRuntime 100.1, authentication challenges occur sequentially. The application or user must respond to a challenge request to allow following challenges in the queue to be emitted.
The returned AuthenticationChallenge object has the AuthenticationManager as its parent.
See also Returned QObjects Parenting.
[signal] void AuthenticationManager::clientCertificateInfosChanged ()
AuthenticationManager emits this signal when a client certificate is successfully added by calling addClientCertificate.
Note: Notifier signal for property clientCertificateInfos.
[signal] void AuthenticationManager::clientCertificatePasswordRequired (const QUrl &certificate)
AuthenticationManager emits this signal when a password is required to add a client certificate with addClientCertificate.
[static] Esri::ArcGISRuntime::CredentialCache *AuthenticationManager::credentialCache ()
Returns the credential cache being maintained by the authentication manager.
The credential cache contains credentials that have been used previously to satisfy authentication challenges. This allows a credential to be reused where appropriate, and prevents unnecessary or duplicate challenges from being issued while accessing secure resources from the same security realm.
[static, since Esri::ArcGISRuntime 100.2] void AuthenticationManager::fetchLoginTypeForUrl (const QUrl &url)
Checks the login type for the given portal url.
Requests the LoginType for a given url, and emits the fetchLoginTypeForUrlCompleted signal when finished. The loginType that is passed through the signal as a parameter will return as Unknown if an error occurred or if the URL is invalid.
This function was introduced in Esri::ArcGISRuntime 100.2.
[signal] void AuthenticationManager::fetchLoginTypeForUrlCompleted (Esri::ArcGISRuntime::LoginType loginType )
AuthenticationManager emits this signal after the fetchLoginTypeForUrl method has completed.
- loginType The portal login type.
[static] Esri::ArcGISRuntime::AuthenticationManager *AuthenticationManager::instance()
Returns the singleton instance of the AuthenticationManager.
Use this method to get a reference to this instance so you can connect its signals to slots.
[static] bool AuthenticationManager::isCredentialCacheEnabled ()
Returns true if credentials are cached automatically.
By default, automatic caching is enabled.
[static] void AuthenticationManager::setCredentialCacheEnabled (bool enabled)
Sets whether credential caching is automatically enabled.
See also isCredentialCacheEnabled().