Comparing Geocortex Essentials and Access Control Permissions
Geocortex Essentials 4.x provides layer permission settings that allow you to authorize or deny access to a site or part of a site.
This topic discusses the following key differences between VertiGIS Studio Access Control permissions and Geocortex Essentials 4.x layer permissions:
- Proxy
- User credentials
- Data security
Proxy
Access Control acts as a forwarding proxy for the ArcGIS Web Adaptor that accesses the ArcGIS Server services. For details, see How Does Access Control Work?
By contrast, Geocortex Essentials uses the Geocortex Essentials REST API as a proxy for the ArcGIS Server services. For details, see Permissions.
User Credentials
When Geocortex Essentials relays the request to the ArcGIS Server, it uses the credentials configured for the site, if present. If there are no configured site credentials, the credentials of the application pool running Geocortex Essentials are used. This means that all requests to the ArcGIS Server appear to come from the same user.
In Access Control, however, the user makes requests directly to ArcGIS with their own ArcGIS Server credentials.
Consequently, applying Access Control and Geocortex Essentials layer permissions for the same services will produce different results. As all requests that go through Geocortex Essentials use the same credentials, to achieve the same result in Access Control you must configure permissions for the appropriate Geocortex Essentials application pool user.
As of Access Control 5.1, you can apply advanced permission rules using JavaScript. You can use this functionality to configure advanced permissions equivalent to the layer filter workflows available in Geocortex Essentials 4.x.
Data Security
Field permissions are available in Geocortex Essentials. However, they do not secure the field data. Instead, they simply instruct the web map viewer to hide the data from the user. In Access Control, the field data are secure.