Common Security


Purpose
This sample demonstrates how to restrict access to a Web application and to Web Application Developer Framework (ADF) functionality in the Web application, depending on the user's login.
 
This sample uses Forms authentication, which requires the user to enter a username and password into a form to access the Web site. Any user requesting the Web application is directed to the login page (Login.aspx).
 
After a successful login, the user is redirected to the main page (Default.aspx). This page displays a map, table of contents (TOC), and so forth. Depending on the roles the user's account belongs to, the Web application displays or hides certain items on the page.
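
A web.config fragment that produces the login behavior described above, added here as an illustration and not taken from the sample's shipped web.config. The timeout value and the requireSSL setting are assumptions; the page names come from this sample.

```xml
<!-- Added example: assumed web.config fragment, not the sample's own file. -->
<configuration>
  <system.web>
    <!-- Forms authentication: any unauthenticated request is redirected to
         Login.aspx, and a successful login lands on Default.aspx.
         protection="All" encrypts and validates the authentication ticket.
         requireSSL="true" sends the ticket cookie over HTTPS only, so the site
         must be served over HTTPS; set it to false only for the plain-HTTP
         localhost walkthrough. -->
    <authentication mode="Forms">
      <forms loginUrl="Login.aspx"
             defaultUrl="Default.aspx"
             protection="All"
             timeout="30"
             slidingExpiration="true"
             requireSSL="true" />
    </authentication>

    <!-- Deny anonymous users ("?") everywhere by default. This covers
         Default.aspx and ChangePassword.aspx. The loginUrl page itself is
         always reachable without a ticket. -->
    <authorization>
      <deny users="?" />
    </authorization>

    <!-- Role membership checks (such as the Managers role view template in
         the LoginView control) require the role manager to be enabled. -->
    <roleManager enabled="true" />
  </system.web>

  <!-- CreateUser.aspx is linked from the login page, so users who have not
       logged in yet must be able to reach it. -->
  <location path="CreateUser.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
```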

How to use

If the sample has associated data, you will find that the sample's zip file includes a "data" folder alongside the language folders. However, you will need to update the sample to point to the location of the data once you have extracted all the files.

At design time
  1. Verify that the Web ADF for the .NET Framework is installed and functioning properly. For information on installing and configuring the Web ADF, consult the installation guide. To use the included SQL Server Express database, Microsoft SQL Server Express 2008 must be installed as well.
  2. In Windows Explorer, navigate to <ArcGIS Developer Kit install location>\Samples\ServerNET\Common_Security. This folder contains the sample's CSharp and VBNet folders.
  3. Open the folder of the language you're going to use—CSharp or VBNet—and copy the Common_Security_<language> folder to c:\inetpub\wwwroot. The <language> variable can be either CSharp or VBNet.
  4. Open the IIS Manager from Control Panel > Administrative Tools > Internet Information Services (IIS) Manager or Internet Information Services.
  5. In the console tree view on the left, navigate to Local Computer > Web Sites > Default Web Site, expand Default Web Site, right-click the Common_Security_<language> folder, and click Properties. The Properties dialog box opens.
  6. Click the Directory tab, click the Create button in the Application Settings section, then click OK to close the Properties dialog box.
  7. Start Microsoft Visual Studio 2008 or 2010 and open the Common_Security_<language><vs_version> solution (for example, Common_Security_CSharp2008.sln). The <vs_version> references the Visual Studio version of the solution, either 2008 or 2010.
  8. In Solution Explorer, right-click Default.aspx and select Set As Start Page.
  9. Open the Default.aspx page in Design view, open the properties window for the MapResourceManager control, and click the ellipsis next to the ResourceItems property. The ResourceItem Collection Editor dialog box opens.
  10. Add or change the MapResourceItem associated with a map service (ArcGIS Server, ArcIMS and so forth). This sample was created using the ArcGIS Server Internet service USA, based on the USA.mxd available in the <ArcGIS Developer Kit install location>\Samples\data\USA folder. Using this service avoids having to change the settings on the Web page.
  11. If an ArcGIS Server local resource was added in the previous step, set the run time identity of the Web application by following one of the next two steps. If not necessary, proceed to step 14.
  12. At design time, the identity of the user running Visual Studio is used to connect to an ArcGIS Server local data source. At run time, that identity is established by the Web application. Only one identity can be used to define access to the ArcGIS Server local data sources in a single Web application. This identity can be explicitly defined when building the Web ADF application in Visual Studio by right-clicking the Web project in Solution Explorer and selecting the Add ArcGIS Identity option. Enter the identity credentials that will be used to access ArcGIS Server local resources at run time. This information is added to the web.config file in a standard ASP.NET identity tag. If the Encrypt identity in web.config check box is checked, the identity tag will be encrypted; otherwise, the username and password are stored as clear text.
  13. Open the web.config file, add an <identity> element in <system.web>, set the impersonate attribute to true, and add userName and password attributes set to a valid user account. Ensure the account is in the agsusers and agsadmin groups on the ArcGIS Server machine.
  14. If the USA map service described in step 10 is not used, follow the steps in the Use a different map service section below.
  15. Save the project.
  16. Add permissions for the user database by following the steps in the Add database permissions section below.
  17. In Visual Studio, click the Debug drop-down menu and click Start Debugging.
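
Steps 12 and 13 store the run-time identity in web.config either as clear text or encrypted. The fragment below is an added illustration, not the sample's own file, showing both forms; the account name and password are constructed placeholders, and the protected form assumes standard ASP.NET protected configuration (aspnet_regiis), which may differ from what the Add ArcGIS Identity dialog writes.

```xml
<!-- Added example; account name and password are constructed placeholders. -->

<!-- Clear text (step 13 as written): anyone who can read web.config, a backup
     of it, or a source-control copy obtains the password of an account that
     is a member of agsusers and agsadmin. -->
<system.web>
  <identity impersonate="true"
            userName="EXAMPLEHOST\agswebapp"
            password="PLACEHOLDER-PASSWORD" />
</system.web>

<!-- Protected form (assumption: standard ASP.NET protected configuration).
     Run on the Web server from the .NET Framework directory:
       aspnet_regiis -pe "system.web/identity" -app "/Common_Security_CSharp"
     The section is rewritten roughly as below and is decrypted by ASP.NET at
     run time. The key is machine specific by default, so the encrypted file
     cannot simply be copied to another server. -->
<system.web>
  <identity configProtectionProvider="RsaProtectedConfigurationProvider">
    <EncryptedData>
      <!-- CipherData generated by aspnet_regiis; not reproduced here. -->
    </EncryptedData>
  </identity>
</system.web>
```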

Use a different map service
  1. Open Default.aspx in Design view, click QueryAttributesTask1, click the smart tag (small arrow) in the upper right of the control, and click Edit the Query in the context menu. A dialog box opens.
  2. Modify the query so that it applies to a resource and layer in your application.
  3. Repeat steps 1 and 2 for QueryAttributesTask2 (in the LoginView control in the upper left of the page).
  4. Open the Default.aspx.cs or Default.aspx.vb code-behind page, find the variable layerToHide, and set it to the name of a layer that is present in a map resource (service) in the Web application.
  5. Save the project.

Add database permissions
  1. In Windows Explorer, navigate to the location of your Web site in C:\inetpub\wwwroot, right-click the App_Data folder, and choose Properties. The Properties dialog box opens.
  2. Click the Security tab, and click Add. The Select Users, Computers, or Groups dialog box opens.
  3. Add the ASPNET account if using Windows XP, or the Network Service account if using Windows Server 2003 or 2008 (use the Advanced button to find these accounts if necessary), and click OK.
  4. On the Security tab, highlight each of the ASPNET and Network Service accounts, check the Modify check box under Allow, and click OK. The security settings are saved.

At run time
  1. Browse to the viewer uniform resource locator (URL) (for example, http://localhost/Common_Security_CSharp). You'll be redirected to the login page.
  2. Enter a valid login. The included database has two users: manager1 (password manager1$) in the Managers group and staff1 (password staff1$), which is not in the Managers group. Upon successful login, you are redirected to the main Default.aspx page. If logged in as a user in the Managers role, the items described in the Additional information section below are available. If logged in as a user not in Managers, the page removes a layer, the Map Info tool, and the two tasks from the page.
  3. Interact with the map and other items on the page. The Map Info tool, if available, displays fields and names of vector layers in the map services (including graphics layers, if present after using tasks).
  4. Use the Change Password link to modify the current user's password.
  5. Click Log Off. You are returned to the login page. You can log in again with a different account if desired.
  6. Use the Create User link to create a new account. The new account is not added to any role by default, so it cannot access the optional content that is available only to the Managers role. You can use the Web Site Administration Tool to add the user to a role.

Additional information

In this sample, if the user is not in the designated Managers role (group), the following items are removed from the page: 
  • Map layer—The highways layer is hidden on the map and its entry removed from the Toc control
  • Toolbar item—The custom Map Info command is removed from the toolbar
  • Task—Two QueryAttributesTask controls are removed from the page
The map layer, toolbar item, and one of the QueryAttributesTask items are removed in the PreRenderComplete event of the Default.aspx code-behind page. The second QueryAttributesTask is hidden using an ASP.NET LoginView control. A role view template is defined for the Managers role, and the task is placed inside this template so that the task appears only when a member of the Managers role is logged in. The page also uses the following ASP.NET login controls to facilitate its work:
  • Login control—Used in Login.aspx to log in users.
  • LoginName control—Used in Default.aspx to display the logged-in username.
  • LoginStatus control—Used in Default.aspx to display a log-out hyperlink.
  • CreateUserWizard control—Used in CreateUser.aspx to enable new users to create an account. A hyperlink from the login page leads to this page.
  • ChangePassword control—Used in ChangePassword.aspx to allow logged-in users to change their password. A hyperlink from the Default.aspx leads to this page.
This sample uses a SQL Server Express database to store users and roles. The database was created using the Web Site Administration Tool (WSAT). WSAT can be used to edit the users and roles for this sample. To access WSAT, open the Web site in Visual Studio (or Visual Web Developer Express), then select Website > ASP.NET Configuration. WSAT opens in a browser window. Choose the Security category to manage users, roles, and access rules for the Web site.
 
The included database has two users: manager1 (password: manager1$) and staff1 (password: staff1$). The manager1 account is a member of the Managers role, so this user can see all content on the page. The staff1 user is not in Managers and has items hidden as described above. Users and roles can be edited with WSAT. Database permission issues are described in the At design time section above.


Common_Security_CSharp\Default.aspx User interface for the Web application.
Common_Security_CSharp\Default.aspx.cs Code behind the user interface.
Common_Security_CSharp\Login.aspx User interface for the initial login page.
Common_Security_CSharp\Login.aspx.cs Code behind the user interface for the login page.
Common_Security_CSharp\App_Code\GetMapInformation.cs Contains implementation of the custom command for the Map Info button on the toolbar.
Common_Security_VBNet\Default.aspx User interface for the Web application.
Common_Security_VBNet\Default.aspx.vb Code behind the user interface.
Common_Security_VBNet\Login.aspx User interface for the initial login page.
Common_Security_VBNet\Login.aspx.vb Code behind the user interface for the login page.
Common_Security_VBNet\App_Code\GetMapInformation.vb Contains implementation of the custom command for the Map Info button on the toolbar.
