Secure Global Desktop Administration Guide > Users and authentication > The Anonymous user login authority

The Anonymous user login authority

Overview

The Anonymous user login authority allows users to log in without using a username and password.

As users are anonymous, Secure Global Desktop assigns each anonymous user a temporary identity. The identity is only effective while the user is logged in.

This login authority is disabled by default.

Logging in

Web browser users log in by clicking the Log in button on the Secure Global Desktop login page, leaving the username and password blank.

If you are using the classic webtop, you can also log in by visiting the following URL:

http://server/tarantella/kiosk.html

If you are using the Sun Secure Global Desktop Native Client to access the classic webtop, there is a checkbox on the login dialog that allows you to log in anonymously.

Authentication

  1. This login authority authenticates users if the username and password are both blank.
  2. If either a username or a password is supplied, the next login authority is tried.
  3. If both the username and the password are blank, then the user may log in.

User identity

As the user does not supply a username or password when they log in, Secure Global Desktop assigns a temporary identity which has the form .../_dns/server/_anon/number.

Login profile

The profile object o=Tarantella System Objects/cn=Anonymous Profile is always used for the login profile.

This means all anonymous users receive the same webtop content.

Emulator sessions and password cache entries

Each user logged in anonymously has independent emulator sessions. These emulator sessions end automatically when the user logs out (or closes the web browser) even if the application is configure to be always resumable.

All password cache entries belong to the o=Tarantella System Objects/cn=Anonymous User Profile object in ENS. This means that all anonymous users share the same application server passwords. Anonymous users aren't allowed to add or change password cache entries. Use the tarantella passcache command to manage application server passwords for anonymous users.

Related topics