Professional Documents
Culture Documents
0 Essentials
1 of 18
Module Objectives
To describe the types of user authentication in use by Siebel
application To explain the role of the security adapter To describe Single Sign On (SSO) security and how it differs from other authentication methods
3 of 18
Security in restricting data and access to views corresponding to different users Subject of previous module Only authorized users can access the application Subject of this module Securing the Communication between architecture components Subject of subsequent module
4 of 18
Authentication
Is the process of validating a users identity It concerns with verifying the identity of users before they gain
5 of 18
Siebel servers or the Web server. In this case, its done with the help of :
Siebel security adapters are software programs that allow Siebel
servers to authenticate users Single Sign On (SSO) allows the Web server to authenticate users Siebel Web Server Extension performs authentication check Security adapter is still involved in verifying the trust token passed to it by the Web server A trust token is a software object confirming the identity og the sender. May contain additional information such as user identity or database login to be passed to the server
6 of 18
authentication service
It is Implemented as a part of the Application Object Manager (AOM)
An authentication service
A store of credentials plus a mechanism to compare user provided credentials against the stored credentials
7 of 18
Authentication Services
Siebel applications support multiple authentication services:
Database authentication Lightweight Database Authentication Protocol (LDAP) Active Directory Services Interface (ADSI) Custom authentication using the Siebel Security Adapter Software Developers Kit (SSASDK) Creating custom security adapters is beyond the scope of this course Refer to the Siebel Security Adapter SDK in Bookshelf
8 of 18
Database Authentication
Users are authenticated against the underlying database The database Security Adapter uses is the default for Siebel
applications
9 of 18
are not required Uses a separate database login for each user
Requires ongoing support from a database administrator
May support the following account policies :
User cannot perform self-management without being granted direct access to the database server
10 of 18
information A single reserved database login is typically used for all users
The default database login is LDAPUSER
11 of 18
Eliminates maintenance of a separate database login for each user Allows Web users to self-register and maintain login information Allows automated creation of users from User Administration view Allows external delegated administration of users
applications May support account policies based on those of the directory service
Password expiration Password syntax Account lockout
12 of 18
Single Sign On
Web Server provides credentials to third-party service Security Adapter looks up and retrieves Siebel user ID, DB account
13 of 18
login
For example, Windows Integrated Authentication allows users to
access Siebel applications directly once they have logged in to their Windows accounts
Uses credentials that are collected and verified by the Web
server
Management of authentication can be performed from a single
centralized location
Requires the use of a trust token
and portals
14 of 18
15 of 18
16 of 18
Module Highlights
Siebel applications support three mechanisms for authenticating
users:
Database authentication is the default; the Siebel Server verifies the authentication information to the RDBMS for authentication Directory Service authentication uses a directory service such as LDAP or ADSI to perform the authentication; the Siebel Server passes the authentication information to the directory service Single Sign On uses a directory service at the Web server level to allow single sign-on to multiple applications; the Siebel Web Server passes the authentication information to the directory service and passes the returned trust token to the Siebel Server
17 of 18
Lab
In the lab you will:
18 of 18