Bookshelf Home | Contents | Index | PDF |
Siebel Security Guide > Security Adapter Authentication > Security Adapter Deployment Options > Configuring Roles Defined in the DirectoryResponsibilities assigned to each user in Siebel Business Applications provide users with access to particular views in the application. Responsibilities are created in Siebel Business Applications and are stored in the Siebel database. One or more responsibilities are typically associated with each user in the Administration - Application screen. Creating roles in the LDAP or ADSI directory is another means of associating Siebel responsibilities with users. Roles are useful for managing large collections of responsibilities. A user has access to all the views associated with all the responsibilities that are directly or indirectly associated with the user. You can choose to store users' Siebel responsibilities as roles in a directory attribute instead of in the Siebel database in the following authentication strategies:
It is recommended that you assign responsibilities in the database or in the directory, but not in both places. If you define a directory attribute for roles, but you do not use it to associate responsibilities with users, leave the attribute empty. If you use roles to administer user responsibilities, create responsibilities in Siebel Business Applications, but do not assign responsibilities to users through the Siebel application interface. To configure roles defined in the directory
|
Siebel Security Guide | Copyright © 2011, Oracle and/or its affiliates. All rights reserved. Legal Notices. | |