Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 336533

Summary: [user] Authorization should have concept of anonymous user
Product: [ECD] Orion Reporter: John Arthorne <john.arthorne>
Component: ServerAssignee: Anthony Hunter <ahunter.eclipse>
Status: RESOLVED WONTFIX QA Contact:
Severity: normal    
Priority: P3 CC: ahunter.eclipse
Version: unspecified   
Target Milestone: ---   
Hardware: PC   
OS: Windows 7   
Whiteboard:

Description John Arthorne CLA 2011-02-07 11:44:05 EST
The authentication system should have a mechanism to grant authorization to anonymous users. Requests with no user header would be assigned to the "anonymous" user. 

As an example use case, I might want to allow my projects to be globally readable (only GET). For an open source project this might even be the default.

We should also disallow clients from creating a real user called "anonymous"... this user name should be reserved for internal use.
Comment 1 John Arthorne CLA 2011-04-29 10:18:08 EDT
This is deferred to post 0.2 release.
Comment 2 Anthony Hunter CLA 2015-05-08 10:47:56 EDT
I do not think we plan to do this.