Geocortex Essentials does not support Portal authentication when the ESRI Web Adaptor is configured in IIS with Anonymous Access disabled and Windows Authentication enabled. If you configure Geocortex Essentials in this way, sign in attempts will fail:
The error occurs due to an identity conflict between the automatically detected identity from Integrated Windows and the supplied identity Essentials obtains during sign in.
This article explains three options to overcome this limitation:
- Install the Geocortex Web Adaptor Extensions
- Enterprise Logins via SAML
- Registering Portal for ArcGIS with Geocortex Essentials Using the Direct Address.
1. Install the Geocortex Web Adaptor Extensions
This article explains how to install the Geocortex Web Adaptor Extensions:
2. Enterprise Logins via SAML
If you don't configure your Web Adaptor in IIS with Anonymous Access enabled, the next best option is to enable enterprise logins via SAML for your Portal for ArcGIS. Esri documentation can be found below:
Setup Enterprise Logins: https://doc.arcgis.com/en/arcgis-online/administer/enterprise-logins.htm
Configure Active Directory Federation Services: https://doc.arcgis.com/en/arcgis-online/reference/configure-adfs.htm
3. Register Portal with Essentials Using the Direct Address
If you don't enable Anonymous Access or Enterprise Logins via SAML, this workaround will configure Essentials Manager to authenticate directly with your Portal for ArcGIS, instead of through the ESRI Web Adaptor. There are two limitations:
- All content from Portal will be referenced via port 7443 or 7080; these ports must be open to the Geocortex Essentials server and anywhere a Viewer will consume Portal content (i.e. user workstations).
- Single-sign-on (SSO) behaviour will not be possible; users will need to enter (or confirm) credentials.
- Launch the Essentials Post Installer and navigate to the “Configure Sign-In Options” section.
- Change the “Sign in using" option to ArcGIS.
- Enter the direct Portal address (either HTTP or HTTPS).
- Test the address to ensure Essentials can reach Portal via port 7080 or 7443.
- Finish the Post Installer, enter a valid App Id/Secret, and then sign into Portal using valid credentials.
Example Portal URL: