|Previous Contents Index Next|
|Sun ONE Identity Server Administration Guide|
Chapter 15 Anonymous Authentication Attributes
The Anonymous Authentication attributes are organization attributes. The values applied to them under Service Configuration become the default values for the Anonymous Authentication template. The service template needs to be created after registering the service for the organization. The default values can be changed after registration by the organization's administrator. Organization attributes are not inherited by entries in the subtrees of the organization. The Anonymous Authentication attributes are:
The authentication level is set separately for each method of authentication. The value indicates how much to trust an authentication. Once a user has authenticated, this value is stored in the SSO token for the session. When the SSO token is presented to an application the user wants to access, the application uses the stored value to determine whether the level is sufficient to grant the user access. (The value in this attribute is not specifically used by Identity Server but by any external application that may chose to use it.) If the authentication level stored in an SSO token does not meet the minimum value required, the application can prompt the user to authenticate again through a service with a higher authentication level. The default value is 0, the lowest authentication level.
Note If no authentication level is specified, the SSO token stores the value specified in the Core Authentication attribute Default Auth Level. See "Default Auth Level" for details.
Valid Anonymous User List
This field contains a list of user IDs that have permission to login without providing credentials. If a user's login name matches a user ID in this list, access is granted and the session is assigned to the specified user ID. If the user's login name does not match a user ID in this list, anonymous access is still granted, but the session is assigned to the user ID specified in the Default Anonymous User Name field.
Note In order to login with a user ID defined in Valid Anonymous User List, the user must use the following URL:
Default Anonymous User Name
This field defines the user ID that a session is assigned to if the login name does not match a user ID in the Valid Anonymous User List field. The default value is anonymous. An Anonymous user must also be created in the organization.
Note In order to login using the anonymous authentication service, the user defined in Default Anonymous User Name must use the following URL:
Previous Contents Index Next
Copyright 2002 Sun Microsystems, Inc. All rights reserved.
Last Updated December 04, 2002