You can invoke a web script without first authenticating, that is, without
specifying a user name and password as identification. This is rare when interacting with the
SkyVault content application server as access to or management of content in the content
repository is usually restricted to particular people or groups of
people.
To support restricted access, a web script can specify its authentication requirements. There are four levels of required authentication:
- None
- The web script does not require any authentication to be invoked.
- Guest
- The web script may be invoked by a guest user of the SkyVault content application server.
- User
- The web script must be invoked by a named user known to the SkyVault content application server.
- Admin
- The web script must be invoked by a named user who is an administrator of the SkyVault content application server.
An authenticated web script has access to all the services of the SkyVault content application server and thus can perform any operation, although it still adheres to the permissions of the authenticated user.
JSR-168 Authenticator
JSR-168 Authenticator only works if running on the repo tier, and it does not work for web scripts running in the Share tier. Surf has support for JSR-168 portlets built-in.