4

I have a dumbed-down application to only reference a geometry service, and a feature service.

When the map is being initialized, it sends out a GET request of: http://my.server.com/ArcGISTEST/rest/info?f=json but when using Chrome debug tools / fiddler I see it is returning HTTP 401 error

when I open this url in its own window/tab it produces the following output:

{"currentVersion":10.02,"soapUrl":"a url is in here","secureSoapUrl":"a url is in here","authInfo":{"isTokenBasedSecurity":false}}

It appears this is an object to determine the status/capability of the arcgis server to assist the javascript api.

Why am I getting this error? How do I resolve it? Could this be a symptom of my bigger problem (unable to edit features via javascript api).

Devdatta Tengshe
41.8k37 gold badges148 silver badges267 bronze badges
asked Aug 1, 2013 at 18:54
4
  • Use the Fiddler "Compare" option to compare the request that got 401ed with the request that works. It's likely there is some difference. Commented Aug 1, 2013 at 20:38
  • What kind of security have you set up on your server? Commented Aug 2, 2013 at 6:00
  • @mwalker unsuccessful request has (differences here only): Accept: / Origin: mapsd.nscorp.com Content-Type: application/x-www-form-urlencoded Referer: mapsd.nscorp.com/esriuc/noproxy.htm successful: (none of the headers referenced above) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Commented Aug 14, 2013 at 20:14
  • @DevdattaTengshe We are using Windows (not Basic, but Negotiate/NTLM) Commented Aug 14, 2013 at 20:24

2 Answers 2

2

This is a guess - but, if your viewer is not secured and your services are secured, then the browser might be re-using the HTTP connection (using HTTP keepalive) when the requests for your services are made.

To avoid this, apply the same security to your viewer as what would be used on the ArcGIS server. Then, the browser will be forced to log in on the first page load and will continue to use the login credentials for subsequent requests.

answered Aug 14, 2013 at 23:54
2
  • I disabled anonymous authentication, and enabled Windows (NTLM) authentication on the website that the viewer is hosted on. I am still getting the 401 though. Commented Aug 15, 2013 at 14:35
  • 2
    Check the IIS logs to determine who IIS thinks you are, especially for the 401 requests. You can get a 401 for "I don't know who you are" as well as "I know who you are, and you're not allowed" Commented Aug 15, 2013 at 17:46
0

This is one of the cross domain situation as the blow url shows:

https://developers.arcgis.com/javascript/latest/guide/cors/index.html

answered Jan 16, 2018 at 0:49

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.