SECURITY
With anonymous access, you never know who is accessing databases on the server. Therefore, you cannot use the client’s identity -- that is, the client’s name and password -- to control access to databases and design elements. Use anonymous access when you do not need to know who is accessing the database and/or when you do not need to control access based on client identity.
You can use anonymous access with TCP/IP and/or SSL on any server that runs LDAP, HTTP, SMTP, or IIOP. For each Internet protocol enabled on the server, you can specify the method of security. For example, you can enable SSL for HTTP connections, but require name-and-password authentication for LDAP connections that use TCP/IP.
In addition to using anonymous access, you can enable name-and-password authentication and SSL client authentication. Then users can use any authentication method to connect to the server. For example, if the user has an SSL client certificate, the user can access the server using SSL; whereas a user who does not have an SSL client certificate can access the server anonymously.
For more information on how Domino validates and authenticates users when anonymous, SSL client authentication, and name-and-password authentication are set up on a server, see Validation and authentication for Internet/intranet clients.
See also