Compatibility

Prerequisites

• The authn_anon distribution: authn_anon-1.0.2-distro.zip
• A suitable deployed container (here assumed to be glassfish) to support a web application. Testing has been carried out with Glassfish 4.0. Glassfish installation instructions are available.
• Python (version 2.4 to 2.7) installed on the server.

Summary of steps

1. Please follow the generic installation instructions
2. Update the icat.properties file for icat.server to see the authenticator and restart icat to see the change. The easiest way is to rerun the setup script for the icat.server.
3. Check that it works.

The authn_anon.setup.properties file

glassfish

is the top level of the glassfish installation. It must contain "glassfish/domains", and will be referred to here as GLASSFISH_HOME as if an environment variable had been set.

port

is the administration port of the chosen glassfish domain which is typically 4848.

The authn_anon.properties file

ip

If access to the ANON authentication should only be allowed from certain IP addresses then provide a space separated list of allowed values. These take the form of an IPV4 or IPV6 address followed by the number of bits (starting from the most significant) to consider.

mechanism

if specified is a label to appear before the user name as it is made available to ICAT for authorization. For example if this is set to 'anon' then any user will be provided to ICAT as 'anon/anon', but if no mechanism is specified it will be provided simply as 'anon'.

Update the icat.properties file for your ICAT

This is required for icat to see the new authenticator. As any earlier version of this authenticator will have been removed then it is important to perform this next step promptly.

If you still have the installation directory for icat then edit the icat.properties to refer to the new authenticator and type: ./setup install . This is the recommended way to avoid errors. Otherwise edit the icat.properties file in the config directory for your domain and restart the glassfish domain.

Check that authn_anon works

Use testicat (which is installed with ICAT) with one of the entries in the database PASSWD table. It should report that it logs in but may or may not have the permission to run the rest of the test. If it does not report that it has logged in then please check the server.log and the authn_anon.log files which can both be found in the logs directory below your domain.