2.3. Anonymous User Authentication

Anonymous user authentication enables users to log in to SGD without using a user name and password.

As users are anonymous, SGD assigns each anonymous user a temporary user identity. The user identity is only effective while the user is logged in.

Anonymous user authentication is disabled by default.

This section includes the following topics:

2.3.1. How Anonymous User Authentication Works

At the SGD login screen, the user clicks the Log In button, leaving the user name and password blank.

If the user types a user name or a password, the authentication fails and the next authentication mechanism is tried.

If both the user name and the password are blank, the user is authenticated and is logged in.

2.3.1.1. User Identity and User Profile

As the user does not supply a user name or password when they log in, SGD assigns a temporary user identity. In the SGD datastore, the user identity is in the DNS namespace. In the Administration Console, the user identity is displayed as server:number (anon). On the command line, the user identity is displayed as .../_dns/server/_anon/number.

The profile object System Objects/Anonymous Profile is always used for the user profile. All anonymous users receive the same webtop content.

2.3.1.2. Application Sessions and Password Cache Entries

Each user logged in anonymously has independent application sessions. The application sessions end automatically when the user logs out even if the application is configured to be always resumable.

All password cache entries belong to the System Objects/Anonymous User Profile object. All anonymous users share the same application server passwords. Anonymous users cannot add or change entries in the password cache. This means that, unless an SGD Administrator has cached application server passwords for them, anonymous users are prompted for a password every time they start an application. Use the Administration Console or the tarantella passcache command to manage application server passwords for the System Objects/Anonymous User Profile object.

2.3.2. How to Enable Anonymous User Authentication

  1. In the Administration Console, display the Secure Global Desktop Authentication Configuration Wizard.

    Go to the Global Settings → Secure Global Desktop Authentication tab and click the Change Secure Global Desktop Authentication button.

  2. On the Third-Party/System Authentication step, ensure the System Authentication check box is selected.

  3. On the System Authentication - Repositories step, select the Anonymous check box.

  4. On the Review Selections step, check the authentication configuration and click Finish.