Rahul,
Thanks for the info, but I must be missing how this would help? Is the IdentityManager used to determine if the request should be proxied? Even at 3.3, there is still no sample that uses IdentityManagerBase to show how it can/should be used.
We would like to avoid having to pass the token down to the client. The example you provided for my previous post shows client-side provided credentials. Users of the app will log into the WebApp, not ArcGIS Server. Furthermore, the proxy approach allows us to leave the ArcGIS server out-of-sight and only open 1 port/IP address in the firewall.
Any code sample for 3.1 or up that could get me started?
Regards,
Eric