Security Guide for Siebel Business Applications > Security Adapter Authentication > Security Adapter Deployment Options >

Configuring the Anonymous User

The anonymous user is a Siebel user with very limited access. The anonymous user (defined in the Siebel Database) allows a user to access a login page or a page containing a login form. For LDAP/ADSI authentication, the anonymous user must have a corresponding record in the user directory.

You must define an anonymous user for any Siebel application that implements LDAP/ADSI authentication.

The anonymous user is required even if your applications do not allow access by unregistered users. When an AOM thread first starts up, it uses the anonymous user account to connect to the database and retrieve information (such as a license key) before presenting the login page.

In the eapps.cfg file, you can specify that an anonymous user be used for a single application or as the default for all the Siebel Business Applications you deploy. Even if the anonymous user is specified as the default, any single application can override the default.

If you use one anonymous user for most or all of your applications, you may want to define the anonymous user at the defaults level, which requires less administration. To set a default value for a parameter, such as AnonUserName and AnonPassword, include it in the [defaults] section of the eapps.cfg file.

For a parameter to override the default value for an individual application, list it in the application's section, such as the [/eservice] section.

Anonymous Browsing and the Anonymous User

If you implement security adapter authentication or database authentication, you can allow or disallow unregistered users to browse a subset of an application's views. If you allow anonymous browsing, users can browse views that are not flagged for explicit login.

If you disallow anonymous browsing, unregistered users have no access to any of the application's views.

NOTE:  Even if you disallow anonymous browsing, an unregistered user has access to an application's login page.

For information about working with views in Siebel Business Applications, see Configuring Siebel Business Applications.

If you allow anonymous browsing, set the following parameter in the application's configuration file (for example, in eservice.cfg).

AllowAnonUsers = TRUE

Unregistered users are not allowed access to this Siebel application if this parameter value is FALSE.

NOTE:  The anonymous user session caches information; therefore, any changes to data such as catalogs, for example, will not be updated until either the user logs in or the anonymous user session is restarted.

In addition to the AllowAnonUsers parameter, you can set the LoginView parameter. This parameter determines what view appears for login (as opposed to the default Web login page). The AllowAnonUsers parameter must be TRUE for the LoginView parameter to be recognized.

The LoginView parameter does not appear in the [SWE] section of an application's configuration file by default. It must be added.

For information about setting Siebel configuration parameters, see Configuration Parameters Related to Authentication.

Security Guide for Siebel Business Applications