Configuring security in the Roadway Characteristics Editor

Configuring security through Integrated Windows Authentication

You can secure access to the Roadway Characteristics Editor (RCE) using Integrated Windows Authentication (IWA). When you use IWA, logins are managed through Microsoft Active Directory. Users do not sign in and out of RCE; instead, when they start the application in a browser, they are signed in using the same accounts they used to log in to Windows.

Steps:
  1. Install the ArcGIS Web Adaptor (Server).
  2. Open the Internet Information Services Manager and configure IIS to use Windows Authentication.
    1. Using the tree menu on the left side of the window, browse to SitesDefault Web SiteRCE.
    2. Select Authentication to edit its properties.
    3. By default, Anonymous Authentication is selected. Change its status to Disabled. Browse to Windows Authentication. Change its status to Enabled.
    4. Under Default Web Site, browse to the ArcGIS Web Adaptor (IIS). By default, it is named arcgis. Follow steps b and c.
    5. If RCE is deployed through IIS, browse to Sites>Default Web Site and select your RCE folder. Follow steps b and c to enable Windows Authentication.
    6. Open a web browser and access your ArcGIS for Server WSDL: http://<YourServerName>/arcgis/webadaptor/server. Configure your server to use Web Adaptor by specifying the URL and an administrator account for your GIS server.
  3. Configure ArcGIS for Server security to use Windows Active Directory users and roles.

    Alternately, you can use built-in roles from ArcGIS for Server.

    1. Browse to Security in Server Manager and edit the Configuration Settings.
    2. On the User and Role Management page, select Users from an existing enterprise system (LDAP or Windows Domain) and roles from ArcGIS Server's built-in store as your option.
    3. Follow steps 5 through 8 outlined in Configuring ArcGIS Server security to use Windows Active Directory users and roles.
  4. Open your RCE config.json file. Browse to Security. Make sure enabled is set to false to disable token authentication.
  5. Configure administrator and publisher privileges for Active Directory users.

    If you are using the ArcGIS for Server built-in store, use Manager to create and manage roles for users in your Windows Active Directory.

    NoteNote:

    All REST URLs used in your RCE configuration must use the same server hosting the ArcGIS Web Adaptor (IIS).

    NoteNote:

    Remove the port number from all REST URLs used in your RCE configuration.

Configuring security using token-based authentication

You can secure access to RCE by using the ArcGIS for Server token-based authentication mechanism.

Steps:
  1. Open your RCE configuration file. By default, it is named config.json.
  2. Browse to security and set enable to true.
  3. Browse to tokenServer and input your token server URL: http://<YourServerName>/arcgis/tokens.

Launch the RCE application in a web browser. Use your Server credentials to sign in. Once ArcGIS for Server verifies the supplied credentials and issues a token, you will be directed to a secure RCE environment. See About ArcGIS tokens to learn more about token-based authentication.

Copyright © 1995-2014 Esri. All rights reserved.
10/14/2014