An "authorized" user is one who has authorized, i.e. successfully logged in. Any user who has not yet logged in is .anon. Consider the permissions needed for "create new account". The end user has not yet authenticated, but we need to allow them to create a new account. That's pretty much what the .anon role is for.
.auth is for users who don't have a direct grant in a role, but are otherwise logged in. This is so we can use general realms to enhance the specific realms for the activity that we are checking security for. In a specific realm (such as for a Site), the grants of abilities are made to specific users. But we might also consider a realm like !user.template.maintain, which has NO grants, but does define some abilities for any authorized (i.e. logged in) user in the .auth role.
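A small model of the check described above, added here as an illustration and not taken from the system being discussed. It assumes each realm applies exactly one role per user (a direct grant, else .auth if logged in, else .anon); the site and account realms, user ids and ability names are constructed.

```python
# Constructed model of realm/role evaluation with .anon and .auth fallbacks.
from dataclasses import dataclass, field

ANON, AUTH = ".anon", ".auth"

@dataclass
class Realm:
    name: str
    roles: dict = field(default_factory=dict)   # role name -> set of abilities
    grants: dict = field(default_factory=dict)  # user id -> role name

    def effective_role(self, user):
        """Role this realm applies to `user`; None means not logged in."""
        if user is None:
            return ANON
        # A direct grant wins; any other logged-in user falls back to .auth.
        return self.grants.get(user, AUTH)

def is_allowed(user, ability, realms):
    """True if any realm in the set gives the user's effective role the ability."""
    return any(ability in r.roles.get(r.effective_role(user), set())
               for r in realms)

def anon_abilities(realms):
    """Audit helper: everything reachable without logging in."""
    return {(r.name, a) for r in realms for a in r.roles.get(ANON, set())}

# Specific realm: abilities are granted to named users only (constructed).
SITE = Realm("/site/demo",
             roles={"maintain": {"site.update"}, "access": {"site.visit"}},
             grants={"alice": "maintain"})

# General realm from the text: no grants, abilities only in the .auth role.
TEMPLATE = Realm("!user.template.maintain",
                 roles={AUTH: {"profile.edit"}})

# Constructed realm covering the "create new account" case via .anon.
ACCOUNT = Realm("!example.account", roles={ANON: {"account.create"}})

if __name__ == "__main__":
    for user in (None, "bob", "alice"):
        for ability in ("account.create", "profile.edit", "site.update"):
            print(user, ability,
                  is_allowed(user, ability, [SITE, TEMPLATE, ACCOUNT]))
    print("reachable anonymously:", anon_abilities([SITE, TEMPLATE, ACCOUNT]))
```

Reviewing the output of `anon_abilities` for a deployment's realms shows exactly which abilities are exposed before login, which is the set that deserves the closest scrutiny.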