Note: This topic applies to the Kenilworth Release.
User authentication determines who the user is and their group membership, if configured or received from an external source. This in turn determines the level of access available to authentication-enabled services.
The majority of web filtering policies require mandatory user authentication. Typically, unauthenticated users are prevented from accessing authentication-enabled services such as the Internet.
Firewall services typically classify unauthenticated users as Unauthenticated IPs (see Managing Groups of Users). Unauthenticated users may only have limited access to authentication-enabled services is available to this group, or even no access at all.
In any case, a failed authentication attempt results in either a request to retry authentication, or a error.