Authentication is the process of verifying the identity of a user. In ArcGIS Server, this can be done by using either ArcGIS token-based authentication or web-tier authentication.
ArcGIS Server authentication
When authentication is done at the GIS server tier, users are authenticated using Esri's proprietary ArcGIS token-based authentication mechanism. ArcGIS Server authentication is the most common method used when GIS web services are primarily consumed by client applications. For information on how ArcGIS token-based authentication works, see About ArcGIS tokens.
If you have Windows Active Directory, you can use Integrated Windows Authentication to connect to ArcGIS Server. This enables an automatic or single-sign on experience for users of the site through web-tier authentication. To use Integrated Windows Authentication, you must use ArcGIS Web Adaptor (IIS) deployed to Microsoft's IIS web server. You cannot use ArcGIS Web Adaptor (Java Platform) to perform Integrated Windows Authentication.
If you have an LDAP directory, you can use it with ArcGIS Server. To use LDAP, you must deploy your Web Adaptor to a Java application server such as Apache Tomcat, IBM WebSphere, or Oracle WebLogic. You cannot use ArcGIS Web Adaptor (IIS) to perform web-tier authentication with LDAP.
If your organization has PKI, you can use certificates to authenticate communication with your server using the Secure Socket Layer (SSL) protocol. When authenticating users, you have the option to use Windows Active Directory or Lightweight Directory Access Protocol (LDAP). To use Windows authentication, your Web Adaptor must be deployed to Microsoft 's IIS web server. To use LDAP, your Web Adaptor must be deployed to a Java application server such as Apache Tomcat, IBM WebSphere, or Oracle WebLogic. It is not possible to enable anonymous access to your site when using PKI.