Integration Platform Technologies: Siebel Enterprise Application Integration > Web Services >
About Web Services and Web Single Sign-On Authentication
Siebel Web Services support Web single sign-on deployment scenarios in which third-party applications handle authentication, and then pass authentication information to the Siebel application. When the third-party application authenticates it, users do not have to explicitly log in to the Siebel application. Figure 29 illustrates a Web single sign-on deployment scenario using Siebel Web services. For more information about Web single sign-on, see Security Guide for Siebel Business Applications.
Figure 29. Web Single Sign-On Scenario
Each component in the SSO Scenario shown in Figure 29 is described below:
- SSO Access Manager. SSO Access Manager, configured in front of the J2EE server, challenges user login, authenticates user credentials with LDAP, and sets a security token in the browser (http header), which gets forwarded to the J2EE server.
- J2EE Server. This server extracts user credentials from the security token in the request. The Session Manager Login method takes the request as an argument and forwards it to the SWSE. The request contains the security token in the header.
- SWSE. SWSE extracts the user credentials from the security token and sends user credentials and the trust token to the Siebel Server.
- Siebel Server. The Siebel Server validates user credentials with LDAP and validates the trust token with security settings.