Middle-Tier Security |
The SAS Anonymous Web User (webanon) is an optional account that can be used to grant Web clients anonymous access to certain SAS Web Infrastructure Platform applications (SAS BI Web Services and SAS Stored Process Web Application). This anonymous account, which is configured with the SAS Deployment Wizard, is applicable only when SAS authentication is being used. If Web authentication is used, the Web application server processes authentication requests, and this anonymous account has no effect.
If the webanon account is configured, it will be used when a Web service is configured for SAS authentication, and credentials are not supplied. If the webanon account is not configured, there will be no credentials for authentication, and the request will fail.
In a default SAS 9.2 installation, this anonymous account is configured as an internal user account. To determine whether to enable the webanon user account, administrators must decide whether they want to require clients to provide credentials for all requests. When clients provide credentials to an incoming request, these credentials are always used for authentication whether the account has been enabled or not.
The webanon user is defined in the following locations:
in metadata. In default installations of SAS 9.2, the SAS Anonymous Web Service User is an internal user account that is known only to SAS and that is authenticated internally in metadata. When internal authentication is used, it is not necessary for this user to have a local or network account.
in the operating system of the metadata server machine, only if you selected the External authentication option for this user during a custom installation.
Copyright © 2010 by SAS Institute Inc., Cary, NC, USA. All rights reserved.