Enabling anonymous access by token authentication
Enabling anonymous access by token authentication protects the IBM® Sametime® Community Server from overload and from possible security risks.
- Configuring anonymous login by token authentication on the Sametime Community Server
To avoid overload on the IBM Sametime Community Server and to protect the Sametime Community Server from security risks, the login attempts of unauthorized users are controlled through the "Allowed by token authentication only" option in the administration settings. This feature is often used to allow Guest access to audio and video meetings. - Anonymous login token authentication parameters
The anonymous login by token authentication feature is enabled using the Allowed by token authentication only option. This topic describes all of the available token configuration parameters stored in the sametime.ini file. - Manually enabling anonymous login by authentication token
When a deployment restricts log-ins to specific client versions or types, manually enable the anonymous login by authentication token feature using a setting in the sametime.ini file. - Configuring support for anonymous users on the SIP Proxy/Registrar
To support the use of anonymous users, the LDAP repository must contain an anonymous user ID; this must not be the ID that is used for IBM Sametime client authentication. - Mapping the anonymous user with the SIP Proxy/Registrar
Map the anonymous user with the IBM Sametime SIP Proxy/Registrar. - Creating the anonymous_users_tokens objects cache instance
Create an Anonymous_users_tokens object cache instance to allow IBM Sametime clients to register with the Sametime SIP Proxy/Registrar server. Failure to create the Anonymous_users_tokens object cache instance generates the following message: Unable to read data from SIP registrar, check error logs for more details. - Adding Trust Association properties to enable anonymous authentication
Enable anonymous authentication through the Trust Association Interceptor on the IBM Sametime SIP Proxy/Registrar. - Enabling token authentication on the TURN server
Increase the security of the IBM Sametime TURN Server by implementing authentication validation on the Sametime TURN Server and enforcing authentication for Web and IBM Sametime Connect TURN clients. By enabling token authentication, the client securely accesses the TURN Server. The client provides the token generated from the shared secret key and sends its STUN BIND and STUN ALLOCATE messages to the TURN Server. The TURN server then validates the token. If the token is invalid, the TURN Server sends an error response.
Parent topic: Security