Previous     Contents     Index          Next     
iPlanet Directory Server Access Management Edition Administration Guide



Chapter 7       Anonymous Authentication Attributes


The Anonymous Authentication attributes are organization attributes. The values applied to them under Service Management become the default values for the Anonymous Authentication template. A template is created for each organization when the organization registers for the service. The default values can be changed after registration by the organization's administrator. Organization attributes are not inherited by entries in the subtrees of the organization. The Anonymous Authentication attributes are:



Authentication Level

The authentication level is set separately for each method of authentication. The value indicates how much to trust an authentication. Once a user has authenticated, this value is stored in the SSO token for the session. When the SSO token is presented to an application the user wants to access, the application uses the stored value to determine whether the level is sufficient to grant the user access. (The value in this attribute is not specifically used by DSAME but by any external application that may chose to use it.) If the authentication level stored in an SSO token does not meet the minimum value required, the application can prompt the user to authenticate again through a service with a higher authentication level. The default value is 0, the lowest authentication level.


Note If no authentication level is specified, the SSO token stores the value specified in the Core Authentication attribute Default Auth Level. See "Default Auth Level" for details.




Valid Anonymous User List


This field contains a list of user IDs that have permission to login without providing credentials. If a user's login name matches a user ID in this list, access is granted and the session is assigned to the specified user ID. If the user's login name does not match a user ID in this list, anonymous access is still granted, but the session is assigned to the user ID specified in the Default Anonymous User Name field.


Note In order to login with a user ID defined in Valid Anonymous User List, the user must use the following URL:

http://<hostname>:<port>/<DEPLOY_URI>/login?module=
Anonymous&org=<org_name>&username=<user_id>




Default Anonymous User Name


This field defines the user ID that a session is assigned to if the login name does not match a user ID in the Valid Anonymous User List field. The default value is anonymous. An Anonymous user must also be created in the organization.


Note In order to login using the anonymous authentication service, the user defined in Default Anonymous User Name must use the following URL:

http://<hostname>:<port>/<DEPLOY_URI>/login?module=
Anonymous&org=<org_name>



Previous     Contents     Index          Next     
Copyright © 2002 Sun Microsystems, Inc. All rights reserved.

Last Updated May 09, 2002