The Anonymous authentication scheme provides access privileges to users who are not yet identified in your network. Assigning an anonymous authentication scheme to a realm does not provide access control, but it does allow personalized content for the user.
When a user accesses a resource in a realm that uses the anonymous scheme, the Policy Server assigns a Global Unique Identifier (GUID). This GUID is stored on the user’s browser and provides a method for identifying the anonymous user.
When you create an Anonymous authentication scheme, you must specify a guest distinguished name (DN). You can bind policies to this guest DN that provide personalized content.
Note: Personalized content in a realm protected by an Anonymous scheme is based on the guest DN, not the GUID of the user. Anonymous users view content according to policies that include the guest DN. Identified users have a distinct DN, so an identified user who accesses the same resource (protected by an anonymous scheme) views the content of the resource based on their unique DN rather than the guest DN.
Verify that the following prerequisites are met before configuring an anonymous authentication scheme:
Note: More information on enabling user tracking exists in the Policy Server Administration guide.
You can use an Anonymous authentication scheme to give non-registered users access to specific Web content.
Note: The following procedure assumes that you are creating an object. You can also copy the properties of an existing object to create an object. For more information, see Duplicate Policy Server Objects.
Follow these steps:
Verify that the Create a new object of type Authentication Scheme is selected.
Click OK
The authentication scheme is saved and can be assigned to a realm.
Copyright © 2014 CA.
All rights reserved.
|
|