Security Guide for Siebel Business Applications > Web Single Sign-On Authentication > Setting Up Web SSO: A Scenario >

Creating Protected Virtual Directories

Protected virtual directories are used with Siebel Business Applications that support anonymous browsing. By making parts of the application available under two Web server virtual directories you are able to configure the third-party authentication client to protect one virtual directory while leaving the other unprotected, and thus accessible for anonymous browsing. When a user requests a Siebel view that requires explicit login, the request is automatically redirected to the protected virtual directory.

You must perform the following tasks to specify to the Web server a virtual directory for a Siebel application. You must repeat both stages of this process for each Siebel application that users access through the Web server.

• Create the virtual directory.
• Specify to the Web server a particular DLL file that allows the SWSE to communicate with the Web server.

The actual path for each virtual directory and the DLL file are identical for every Siebel application.

NOTE:  Optionally, instead of creating a new virtual directory, you can modify an existing virtual directory.

To create a virtual directory on Microsoft Internet Information Server

1. Start the Internet Service Manager. Choose Programs > Administrative Tools > Internet Service Manager.
2. In the Internet Service Manager explorer, right-click the default Web site, and then choose New > Virtual directory.

   The New Virtual Directory wizard appears.

3. Enter a virtual directory name for a Siebel application, and then click Next. For example, enter p_eservice as a virtual directory for Siebel Service.
4. Enter the full path to the SWEAPP_ROOT\public directory, and then click Next (where SWEAPP_ROOT is the directory in which you installed the SWSE).

   This subdirectory contains the contents to publish to the site.

5. Check the following check boxes and leave all others empty, and then click Finish.
   • Allow Read Access
   • Allow Script Access
   • Allow Execute Access

     The Internet Service Manager explorer appears, with the new virtual directory appearing in the hierarchy.

To allow the SWSE to communicate with the Web server

1. In the Internet Service Manager explorer, right-click the virtual directory you created, and then choose Properties.

   The Properties dialog box appears.

2. Click Configuration.

   The Application Configuration dialog box appears.

3. Click Add.

   The Add/Edit Application Extension Mapping dialog box appears.

4. Click Browse, navigate to and select the sweiis.dll file in the SWEAPP_ROOT\bin directory, and then click Open (where SWEAPP_ROOT is the directory in which you installed the SWSE).

   The Add/Edit Application Extension Mapping dialog box appears, including the path to the sweiis.dll file.

5. Enter .swe for the extension, check the Script engine check box only, and then click OK.

   The Application Configuration dialog box appears.

6. Click Apply, and then click OK.

   The Properties dialog box appears.

7. Click the Directory Security tab.
8. Click Edit in the Anonymous Access and Authentication Control section.

   The Authentication Methods dialog box appears.

9. Check the Basic Authentication check box, and uncheck all others.
10. Click Yes on the Internet Service Manager caution dialog, and then click OK when you return to the Authentication Methods dialog box.

    The Directory Security tab in the Properties dialog box appears.

11. Click Apply, and then click OK.