Question

How to write to Feature Service on ArcGIS Portal using NTML auth and token

  • 15 October 2021
  • 5 replies
  • 21 views

FME Desktop

FME(R) 2019.1.3.1 (20191019 - Build 19643 - WIN32)

Running on a server with Windows 2008 R2 service pack 1

 

I have a workspace that uses an HTTPCaller transformer to get a user token from ArcGIS Portal. I then take that token and use it to read features from an ArcGIS Server Feature Service. This works fine.

 

Then, I use that same token to write to an ArcGIS Server Feature Service through the ArcGIS Portal Feature Service writer. I do this because there is no ArcGIS Server Feature Service writer. But I'm not able to get it to work.

 

Is there a better way to do this (write to a Feature Service sitting on ArcGIS Server)?

 

Below is a screen shot of the ArcGIS Portal writer

ArcGIS Porter Feature writerAnd below is the error from the log. Note that the writer is appending "sharing/content/users/https:?f=json" to the URL. 

Creating writer for format: Esri ArcGIS Portal Feature Service
Trying to find a PYTHON plugin for writer named `ARCGISPORTALFEATURES'
The workspace does not contain user Python. FME will attempt to use a Python 3.7+ interpreter
Using Python interpreter from `D:\Program Files (x86)\FME\fmepython37\python37.dll' with PYTHONHOME `D:\Program Files (x86)\FME\fmepython37'
Python version 3.7 loaded successfully
Loaded Python module `arcgisonlinefeatures' from file `D:\Program Files (x86)\FME\python\python37\arcgisonlinefeatures\__init__.pyc'
FME Configuration: No destination coordinate system set
Loaded Python module `arcgisonlinefeatures' from file `D:\Program Files (x86)\FME\python\python37\arcgisonlinefeatures\__init__.pyc'
Writer `ARCGISPORTALFEATURES_1' of type `ARCGISPORTALFEATURES' using group definition keyword `ARCGISPORTALFEATURES_1_DEF'
Loaded Python module `arcgisonlinefeatures' from file `D:\Program Files (x86)\FME\python\python37\arcgisonlinefeatures\__init__.pyc'
ArcGIS Portal Feature Service Writer: Using authentication type 'NTLM'
ArcGIS Portal Feature Service Writer: Requesting portal information
ArcGIS Portal Feature Service Writer: SSL certificate verification failed for host '###.com'. HTTPS connections may not be secure. Disabling verification of SSL certificates. Message: HTTPSConnectionPool(host='###.com', port=443): Max retries exceeded with url: /portal/sharing/rest/portals/self?f=json (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1051)')))
ArcGIS Portal Feature Service Writer: Getting item with ID 'token'
ArcGIS Portal Feature Service Writer: Getting list of user content items in 'https:'
Python Exception <HTTPError>: 400 Client Error: Bad Request for url: https://###.com/portal/sharing/content/users/https:?f=json

 


5 replies

Although this is implied in the question with NTML, I want to clarify that I cannot use the ArcGIS Portal Web Connection Template because the client setup does not use OAuth 2 (it is setup to use OAuth).

 

That said, is there a Web Connection template for writing to Portal using OAuth?

Badge +8

Hi @vince.pellerito​ 

Before we begin, I would like to get some more clarifications.

What do you mean by Oauth vs Oauth 2.0 ( see Esri doc)?

As per my understanding, ArcGIS Enterprise only supports OAuth 2.0. To use that method, ArcGIS Enterprise should be configured with build-in identity or SAML authentication (doc)

Currently, there is no ArcGIS Server Feature Service Writer in FME Desktop? As most of the users use ArcGIS Portal Feature writer to update/insert or delete features.

Are there any restrictions on using NTLM Authentications with your ArcGIS Portal Feature Service Writer?

 

Are you trying to write a new Feature Service each time or you are trying to update an existing feature?

You should be able to use Rest API Post request to update features (see Esri documentation) but I do not have any working examples.

 

Thank you for your response, @rahulsharma​ . I did end up using the HttpCaller transformer to add features through Esri's REST API (addFeatures) because I didn't think I could get a Writer to work in my scenario.

 

I think I am assuming too much on how Server and Portal are set up to authenticate (I am working with the client's configuration). I don't really know if they are using OAuth. I assumed that because I was not able to get an FME Web Connection for Portal (using the Esri ArcGIS Portal template) to authenticate. But I'll take your word for it that Enterprise is only set up to use OAuth2.

 

In my scenario, I wanted to add features to an ArcGIS Server Feature Service but I authenticate through Portal. The client's configuration requires both NTLM authentication and a server token. However, I was not able to get this to work with a Writer. I got the following error:

  1. Python Exception <HTTPError>: 400 Client Error: Bad Request for url: https://###.com/portal/sharing/content/users/https:?f=json

As you said, there is no FME Writer for ArcGIS Server Feature Service. So then how could you use a Writer to add features to an ArcGIS Server Feature Service?

Badge +8

Thank you for your response, @rahulsharma​ . I did end up using the HttpCaller transformer to add features through Esri's REST API (addFeatures) because I didn't think I could get a Writer to work in my scenario.

 

I think I am assuming too much on how Server and Portal are set up to authenticate (I am working with the client's configuration). I don't really know if they are using OAuth. I assumed that because I was not able to get an FME Web Connection for Portal (using the Esri ArcGIS Portal template) to authenticate. But I'll take your word for it that Enterprise is only set up to use OAuth2.

 

In my scenario, I wanted to add features to an ArcGIS Server Feature Service but I authenticate through Portal. The client's configuration requires both NTLM authentication and a server token. However, I was not able to get this to work with a Writer. I got the following error:

  1. Python Exception <HTTPError>: 400 Client Error: Bad Request for url: https://###.com/portal/sharing/content/users/https:?f=json

As you said, there is no FME Writer for ArcGIS Server Feature Service. So then how could you use a Writer to add features to an ArcGIS Server Feature Service?

As you said, there is no FME Writer for ArcGIS Server Feature Service. So then how could you use a Writer to add features to an ArcGIS Server Feature Service?

Usually, ArcGIS Portal Writer is usually used by most of the customers.

It is interesting to know that that you are required both NTML Authentication and a Token to access the feature service. It would lead me to believe that there are some permission issues with the feature.

 

I would still like to think that using an ArcGIS Portal Feature Service Writer should work.

If you are getting errors when using NTLM / Kerberos authentication, would you like to share the log file and screenshot from that. I would recommend creating a support ticket and we can continue troubleshooting (possible via screen share) https://community.safe.com/s/submit-case

As you said, there is no FME Writer for ArcGIS Server Feature Service. So then how could you use a Writer to add features to an ArcGIS Server Feature Service? 

Usually, ArcGIS Portal Writer is usually used by most of the customers. 

It is interesting to know that that you are required both NTML Authentication and a Token to access the feature service. It would lead me to believe that there are some permission issues with the feature. 

 

I would still like to think that using an ArcGIS Portal Feature Service Writer should work. 

If you are getting errors when using NTLM / Kerberos authentication, would you like to share the log file and screenshot from that. I would recommend creating a support ticket and we can continue troubleshooting (possible via screen share) https://community.safe.com/s/submit-case 

I do realize that you can write to a feature service using the Portal writer but I've not been able to get it to work in my scenario (authenticate to Portal using NTLM while passing a token to the ArcGIS Feature Service). See the screen shot below to show that I've implemented this. But, I'm getting an error that doesn't seem to be related to the parameters that I'm passing like credentials and URLs.

Python Exception <HTTPError>: 400 Client Error: Bad Request for url: https://###.com/portal/sharing/content/users/https:?f=json

 

image That said, I have been successful in writing to the feature service with these same parameters using the HttpCaller to post to the REST api (note that the image below is cobbled together so it doesn't show all the parameters in the transformer).

imageSo, I think you're right that I will need to seek out customer support.

Thanks again for your helpful responses.

Vince

Reply