Bookshelf Home | Contents | Index | PDF     

Security Guide for Siebel eBusiness Applications > Security Adapter Authentication >

Authentication for Mobile Web Client Synchronization

This section describes some of the processing that occurs to authenticate a remote user during synchronization. For detailed information about the synchronization process, see Siebel Remote and Replication Manager Administration Guide.

Note the following facts about Siebel Remote and remote users:

  • Remote users do not connect to the Web server. When remote users synchronize, they connect directly from the Siebel Mobile Web Client to the Siebel Remote server—the Siebel Server designated to support synchronization with remote users.
  • Only one user ID and password can be used to access a local database. Local databases cannot belong to more than one user.
  • A single user can have multiple Mobile Web Clients, such as two clients on two separate computers.

To synchronize the local database

  1. The Siebel remote user connects to the local database on their client computer and makes transaction modifications. To do this:
    1. Launch the Siebel icon on the client computer, then enter a user ID and password.
    2. In the Connect To parameter, choose Local.

      The user ID and password are validated by the local database residing on the client computer.

      The Siebel application appears in the Web browser and the user navigates through the application.

    3. Modify data, as appropriate (insert, update, or delete operations).
  2. Later, the user decides to synchronize the local database changes and download updates from the Siebel Remote server. To do this:
    1. Connect to the Siebel Remote server using a dial-up modem or LAN, WAN, or VPN connection.
    2. Launch the Siebel icon on the client computer, then enter a user ID and password.
    3. In the Connect To parameter, choose Local.

      The user ID and password are validated by the local database residing on the client computer.

  3. When the Siebel application appears in the Web browser, the user chooses File > Synchronize Database.

    The user is now accessing the Siebel Remote server for synchronization, and is subject to authentication.

  4. Once the remote user is authenticated, synchronization begins.

Authentication Options for Synchronization Manager

The Synchronization Manager server component, for Siebel Remote, validates each incoming Mobile Web Client request. Synchronization Manager validates the mobile user's user ID against the list of valid Mobile Web Clients in the server database and validates that the effective end date is valid or NULL.

Synchronization Manager also verifies that the Mobile Web Client has connected to the correct Siebel Remote server. If the Mobile Web Client connects to the wrong Siebel Remote server, Synchronization Manager reconnects the Mobile Web Client to another Siebel Remote server and updates the client's local configuration information.

Synchronization Manager authenticates the Mobile Web Client's password by using the method specified using the Authentication Method configuration parameter (alias Authentication). Set this parameter for Synchronization Manager using Siebel Server Manager. For details, see Siebel Remote and Replication Manager Administration Guide.

Authentication Method may be set to one of the following values:

  • None. Does not authenticate the Mobile Web Client's password. This is the default setting.
  • Database. Uses the Mobile Web Client's user name and password to connect to the server database. Uses the database security adapter to do this (typically, DBSecAdpt).
  • SecurityAdapter. Uses the security adapter specified using the parameters Security Adapter Mode and Security Adapter Name to authenticate the user. Depending on the security adapter in effect, the user may be authenticated against the database or against an LDAP/ADS directory. Password hashing is subject to the configuration of this security adapter.

    NOTE:  The Security Adapter Mode and Security Adapter Name parameters may be set at the Enterprise or Siebel Server level, or set for the Synchronization Manager component. Database authentication is the default security adapter. You can use the same security adapter across the Siebel Enterprise, or use a different security adapter for Synchronization Manager than you do for the rest of the Enterprise. For more information, see About Siebel Security Adapters and subsequent topics, earlier in this chapter.

  • Siebel. Validates the Mobile Web Client's password against the password stored in the Mobile Web Client's screen. (This option uses the mangle encryption algorithm, which is generally no longer recommended.)
  • AppServer. Verifies that the password is the same as the user's operating system password on the Siebel Server machine. (This option is generally no longer recommended.)

    
Security Guide for Siebel eBusiness Applications