A common question for UAG administrators is, can I provide anonymous access to a Web site, but require and prompt for authentication when a user clicks a link to access a specific part of the Web site?
Remember: the definition of a Web Application in UAG is a combination of the Web server, the port and the path. Web application access is dependent on endpoint policy, authentication, and authorization. So you can certainly implement a solution where you prompt for authentication for some pages but not for others, even if they are all hosted on the same server.
The first step is to create a trunk that does not require authentication. Instructions for creating a trunk are here. Note that you’ll have to first create a trunk that requires authentication, and then modify its properties afterwards, so that it does not require authentication. Add your applications to the trunk, using these properties:
- Type: Other Web Application
- Web Server address and ports
- Path(s) to the portion of the Web site not requiring authentication, for example, /news
- No Authentication required
- Type: Other Web Application (same as Application 1)
- Web Server address and ports (same as Application 1)
- Path(s) to the portion of the Web site that do require authentication, for example, /secret
- Authentication required
Having implemented this, when a user requests /news, he will not be prompted to authenticate, but when he chooses /secret, he will be required to authenticate.
Take note that trunk Applications are evaluated on the basis of the order they appear in the trunk’s Applications List Box, so make sure that the application requiring authentication (Application 2 in our case) appears first in the list.
Pradeep Bethi, Technical Solution Professional
Nathan Bigman, Content Publishing Manager
Meir Feinberg, Technical Writer