Sun Java System Federation Manager 7.0 User's Guide

Anonymous

This module type allows a user to log in without specifying credentials. You can create an Anonymous user so that anyone can log in as Anonymous without having to provide a password. Anonymous connections are usually customized by the administrator so that Anonymous users have limited access to the server. The attributes are:

Valid Anonymous Users

Contains a list of user IDs that have permission to log in without providing credentials. If a user's login name matches a user ID in this list, access is granted and the session is assigned to the specified user ID. If this list is empty, a user will be authenticated as the user defined in the Default Anonymous User Name attribute when accessing the following default module instance login URL:

protocol://server-host.server-domain:server-port/deploy-uri/UI/Login?module=Anonymous&org=org_name

If this list is not empty, Federation Manager will prompt the user to enter any valid Anonymous user name when accessing the default module instance login URL (as above).


Note –

If the Valid Anonymous Users list is not empty, the user can log in without the login page by accessing the following URL:

protocol://server-host.server-domain:server-port/deploy-uri/UI/Login?module=Anonymous&org=org_name&IDToken1=valid-Anonymous-username


Default Anonymous User Name

Defines the user ID to which a session is assigned if the Valid Anonymous Users list is empty and the following default module instance login URL is accessed:

protocol://server-host.server-domain:server-port/deploy-uri/UI/Login?module=Anonymous&org=org_name

The default value is anonymous.


Note –

If the Valid Anonymous Users list is not empty, the user can log in without the login page by using the user defined in Default Anonymous User Name. This can be done by accessing the following URL:

protocol://server-host.server-domain:server-port/deploy-uri/UI/Login?module=Anonymous&org=org_name&IDToken1=DefaultAnonymousUserName


Enable Case Sensitive User IDs

If enabled, user IDs are treated as case-sensitive. By default, this attribute is not enabled.
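
As an added example (not part of the Federation Manager guide or product code), the following Python helper reviews login URLs, for instance taken from web access logs, and labels which Anonymous identity each request names, using the URL parameters and attributes described above. The host name, deploy URI, listed user names, and verdict labels are constructed for illustration; the labels describe the requested name, not the server's decision.

```python
from urllib.parse import urlsplit, parse_qs

# Assumed values an administrator would copy from the module configuration.
VALID_ANONYMOUS_USERS = ["guest", "kiosk"]  # constructed list
DEFAULT_ANONYMOUS_USER = "anonymous"        # documented default value
CASE_SENSITIVE_IDS = False                  # documented default (not enabled)

# Constructed sample URLs in the shape the guide documents.
BASE = "https://fm.example.com:8443/federation/UI/Login"
SAMPLE_URLS = [
    BASE + "?module=Anonymous&org=example",
    BASE + "?module=Anonymous&org=example&IDToken1=Guest",
    BASE + "?module=Anonymous&org=example&IDToken1=anonymous",
    BASE + "?module=Anonymous&org=example&IDToken1=jsmith",
    BASE + "?module=LDAP&org=example",
]


def classify_login_url(url, valid_users=VALID_ANONYMOUS_USERS,
                       default_user=DEFAULT_ANONYMOUS_USER,
                       case_sensitive=CASE_SENSITIVE_IDS):
    """Return None for non-Anonymous requests, else (org, name, verdict)."""
    parts = urlsplit(url)
    if not parts.path.endswith("/UI/Login"):
        return None
    query = parse_qs(parts.query, keep_blank_values=True)
    if query.get("module", [""])[0] != "Anonymous":
        return None
    org = query.get("org", [""])[0]
    name = query.get("IDToken1", [None])[0]
    # Compare names as written only when case-sensitive IDs are enabled.
    norm = (lambda s: s) if case_sensitive else str.lower
    if name is None:
        # No name supplied: non-empty list means a prompt, empty list the default user.
        verdict = "prompt" if valid_users else "default-user"
    elif norm(name) in {norm(u) for u in valid_users}:
        verdict = "listed-user"
    elif norm(name) == norm(default_user):
        verdict = "default-user"
    else:
        verdict = "unlisted-name"  # name is neither listed nor the default
    return org, name, verdict


if __name__ == "__main__":
    for url in SAMPLE_URLS:
        print(classify_login_url(url), url)
```

Requests labelled `unlisted-name` name an identity that is neither in the Valid Anonymous Users list nor the Default Anonymous User Name, which makes them the ones to review first.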

Authentication Level

The authentication level is set separately for each method of authentication. The value indicates how much to trust an authentication mechanism. Once a user has authenticated, this value is stored in the SSO token for the session. When the SSO token is presented to an application the user wants to access, the application uses the stored value to determine whether the level is sufficient to grant the user access. If the authentication level stored in an SSO token does not meet the minimum value required, the application can prompt the user to authenticate again through a service with a higher authentication level. The default value is 0.


Note –

If no authentication level is specified, the SSO token stores the value specified in the Core Authentication attribute Default Authentication Level.