I have been working on securing the content on arcgis server at my company. I have a good understanding of the various options and configurations that are available (I've tested most of them and read all the security help documentation for server), and have decided to go with arcgis server built-in security. The problem I think I am having is understanding how to properly use tokens. I need to add secured map services and feature services from my arcgis server to my arcgis online site. At this point, I would like to store credentials with the content being added so that when an individual logs in to my organization's arcgis online site and then opens a saved map, the secured content loads up on the map without requiring additional credientials to be entered. Each time I have attempted this, it seems like the credentials are not being stored with the map service when I initially add it to my arcgis online content, because I am later prompted to enter credentials again when attempting to view that item's details or add it to a map. I feel that I am missing something related to the use of tokens.
This is the first time I have had to manage security on arcgis server, so I could really use a basic explanation of tokens...how to get them, and how to use them within the arcgis online environment. Here is my current configuration:
User Store: ArcGIS Server Built-in
Role Store: ArcGIS Server Built-in
Authentication Tier: GIS Server
Authintication Mode: ArcGIS Tokens
My instance of ArcGIS Server is running on its own machine, and the web adaptor is on a separate web server. Communication is over http and admin access is disabled over the web adaptor.
Thanks,
Mark