Setting up anonymous access

If anonymous access has not been enabled for IBM® FileNet® Collaboration Services, enable it now. HCL Connections requires anonymous access to be set in FileNet® for public communities.

About this task

IBM® FileNet® Collaboration Services (FNCS) implements anonymous access with a designated user that is used only for this purpose. The user should be a system-type user that is not used by a real person. The user ID does not need, and should not have, any particular privileges on the object store beyond what is given by the installation guide. This user's access control records will determine what level of access is given to anonymous users. Consequently, choose a functional ID that is reserved for this purpose and that does not have special access.

Configuring an anonymous user is required if users will be accessing Connections communities anonymously. In some cases, such as when desktop single-sign on is enabled, or when roles in the communities application have been restricted to limit access to authenticated users, setting up anonymous access for FileNet is optional. Refer to Roles for information on restricting access to anonymous users in communities.

The display name of the user used in this role might appear in some supplemental user interfaces, so a user account or functional ID should be chosen with a suitable display name matching the purpose of this account, for instance, Anonymous User. Do not choose the administrative account ID. Follow these steps to configure anonymous access:

Procedure

  1. Log into the WebSphere® Application Server Integrated Solutions Console that hosts your FileNet® server with the FileNet® Collaboration Services application.
  2. Click Applications > WebSphere enterprise applications > navigator > User RunAs roles,
  3. Select the Anonymous role and enter the user name and password of the LDAP user designated for the anonymous access role.
  4. Click Apply and then click OK to save.
    FileNet® Collaboration Services now reads custom settings from a file that is bundled into the application .ear file during configuration and deployment.
  5. To add properties, the administrator needs to edit the /opt/IBM/ECMClient/configure/explodedformat/fncs/WEB-INF/classes/fncs-sitePrefs.properties file before running the configuration wizard.
  6. Add the following property to the fncs-sitePrefs.properties file at the end of the file after the comments and save it: 
    anonymousAccessEnabled=true
  7. Open the Administration Console for Content Platform Engine (ACCE) as described in step 1 of Configuring collaboration features in FileNet, open the Object Store tab, and select Search in the menu tree.
    If you find the user interface to be different from the following steps, refer to Configuring anonymous access to documents in the Content Navigator knowledge center for more information.
  8. Select New Object Store Search to create a new search.
  9. Select Collaboration Configuration in the Class drop down list and then click Run.
    A single object is displayed.
    Note: If a dialog box that mentions the code FNRAC4002W displays and warns about using a query without a WHERE clause, you can click OK because only one result was expected to be returned.
  10. Click the UUID hyperlink and then click the Properties tab.
  11. On the Properties tab, click the Property Value cell for Download Count Anonymous User Ids, which displays a dropdown menu.
  12. Select Edit list, add the user into the list, and then select it from the drop down menu. The user should be the same user you provided for the User RunAs roles in the WebSphere Application Server Integrated Solutions Console in step 3; however, the SID of the user must be provided instead of the user name. To understand how SID values are created, refer to Generating SID values.
  13. Click OK.
  14. Follow the steps in Configuring collaboration features in FileNet to build and deploy the FileNet® Collaboration Services application.
  15. Apply the authentication filter as described in Configuring web resources and virus scan properties.
    The authentication filter also is needed to enable the antivirus feature.
  16. Validate anonymous access by using an HCL Connections library without logging in or going to /dm/atom/anonymous/libraries/feed on the FNCS server.