Security Guide for Siebel Business Applications > Security Adapter Authentication >
Setting Up Security Adapter Authentication: A Scenario
This section provides instructions to implement security adapter authentication, in this case for a single Siebel application. The implementation uses either the LDAP security adapter or the ADSI security adapter with one of the supported directories described in System Requirements and Supported Platforms on Siebel SupportWeb.
Your implementation may include more than one Siebel application, and you may implement components and options that are not included here.
These instructions are intended to allow you to confirm successful implementation of the security adapter with the directory. You should implement your authentication architecture in a development environment before deploying it in a production environment. You can repeat the appropriate instructions here to provide security adapter authentication for additional Siebel Business Applications.
These instructions implement the following basic configuration:
- The directory is a Siebel-supported LDAP server, or Microsoft ADS.
- The LDAP security adapter or ADSI security adapter is used to communicate between the authentication manager and the directory.
- A user is authenticated by the user's Siebel user ID and a password.
For additional details about configuring security adapter authentication, see also Security Adapter Deployment Options.
For information about special considerations to implementing user authentication, see User Authentication Issues.
If you use a security adapter not provided by Siebel Systems, it must support the Siebel Security Adapter Software Developers Kit, which is described in Security Adapter SDK. You must adapt the applicable parts of the following implementation to your security adapter.
The following installations must be completed before you set up this security adapter authentication environment:
- Your Web server is installed.
- Your LDAP/ADS directory is installed.
- Your Siebel Business Applications are installed, including the Siebel Gateway Name Server and the Siebel Server.
- Your LDAP/ADSI client software is installed.
- A URL or hyperlink is available with which users can access the login form for the Siebel application you are configuring.
NOTE: These instructions assume that you are experienced with administering the directory. That is, you can perform tasks such as creating and modifying user storage subdirectories, creating attributes, creating users, and providing privileges to users.
Process of Implementing LDAP/ADSI Authentication
You must perform the following tasks to implement and test your LDAP/ADS directory with a Siebel-provided security adapter.
- Create a database login. See Creating a Database Login.
- Set up the attributes for users in the directory. See Setting Up the LDAP/ADS Directory.
- Create three users in the directory: a regular user, the anonymous user, and the application user. See Creating Users in the LDAP/ADS Directory.
- Add user records in the Siebel Database corresponding to two users in the directory. See Adding User Records in the Siebel Database.
- Edit eapps.cfg file parameters. See Editing Parameters in the eapps.cfg File.
- Edit Name Server parameters using Siebel Server Manager. See Editing Parameters Using Siebel Server Manager.
- For Siebel Developer Web Clients, edit the Siebel application's configuration file parameters. See Editing Parameters in the Application Configuration File.
- For Siebel Developer Web Clients, set a system preference. See Setting a System Preference for Developer Web Clients.
- Restart the Siebel Server and the Web server. See Restarting Servers.
- Test the implementation. See Testing the LDAP/ADSI Authentication System.