The No
Authentication Challenge
provider offers pass-through security for SAP Mobile Platform Server,
and is intended for use in development environments or for deployments that require no
security control. Do not use this provider in production environments, for administration,
or for device user authentication.
If you use the No
Authentication Challenge
provider, all login attempts succeed, no matter what values are used for the user name
and password. Additionally, all role and control checks based on attributes also
succeed.
Note: If you configure No
Authentication Challenge
in a security profile to which you have assigned client applications that you intend to
run anonymously, this provider causes your anonymous applications to fail.
SAP Mobile Platform authenticates the user even though the user
presented no valid credentials. SAP Mobile Platform then proceeds to
connect to back-end systems assuming there is an authenticated client, and tries to use
SSO credentials for the back end. However, these credentials are absent, and the
back-end connection fails.