The ANONYMOUS mechanism is used to “authenticate” clients to anonymous services; or rather, just indicate that the client wishes to use the service anonymously. The client sends a token, usually her email address, which serve the purpose of some trace information suitable for log files. The token is not permitted to be empty.
In the client, this mechanism is always enabled, and will send the
GSASL_ANONYMOUS_TOKEN property as the trace information to the
In the server, this mechanism will invoke the
GSASL_VALIDATE_ANONYMOUS callback to decide whether the client
should be permitted to log in. Your callback can retrieve the
GSASL_ANONYMOUS_TOKEN property to, for example, save it in a
log file. The token is normally not used to decide whether the client
should be permitted to log in or not.