I couldn't figure out if there is a method to secure WMS services such that it can be accessed by Esri and non-Esri clients.
Is there a code can I write it some where?
[GIS] How the WMS services can be secured such that it can be accessed by Esri and non-Esri clients
arcgis-serverauthenticationwms
Best Answer
To secure WMS services on ArcGIS server, you can use token-based authentication.
ArcGIS Server managed token-based authentication
Although not recommended, a WMS service can still be secured using ArcGIS Server managed token-based authentication by using this type of authentication on its parent map or image service. To make raw requests to WMS services protected by a token, you can get a valid token from the token service and append the token string as an extra parameter to the requests you send out. In other words, requests to a token-secured WMS service must use the following format:
http://<WMS_service_url>?<standard WMS parameters>&token=<valid_tokenString>
Most third-party desktop WMS clients will not be able to connect to WMS services secured in this way, but this technique can be used with WMS clients built with the ArcGIS API for JavaScript.
Reference:
http://server.arcgis.com/en/server/10.3/publish-services/linux/wms-services.htm#GUID-BB6D9497-6981-407F-BF9F-4ED3BB615024