Siebel Security Guide > Web Single Sign-On Authentication >

Requirements for Standards-Based Web Single Sign-On

In this guide, the term standards-based Web SSO refers to Web SSO systems that support the LDAP standards described in this topic. Standards-based Web SSO is contrasted with Windows Integrated Authentication Web SSO, which uses Microsoft Active Directory or other Windows accounts to identify users. This topic outlines the requirements for integrating Siebel CRM with a standards-based Web SSO system.

To integrate a standards-based Web SSO authentication system with Siebel Business Applications, the following are the minimum requirements that must be met:

• The Web SSO authentication system can send the identity of each Siebel user to be authenticated in an HTTP header variable using HTTP1.1 standard W3C HTTP 1.1 RFC-2616+.

  In a standards-based Web SSO implementation, the SWSE derives the user's user name from the HTTP request header variable. The recommended method is to use a header variable populated with an attribute value that is stored in the directory.

• Siebel Web Single Sign-On is configured for the Siebel Web Server Extension (SWSE).
• The Siebel LDAP security adapter is implemented to provide authentication functionality.
• The Web SSO authentication system uses a static trust token in the HTTP header.
• The Web SSO authentication system supports the following:
  • LDAP 3.0 standard based on compliance with IETF LDAP RFC 2256 and later
  • IEFT Password Policy for LDAP Directories (09)
• In the eapps.cfg file, the fully qualified domain name of the SWSE host and the port number of the SWSE host are specified. For additional information, see Siebel System Administration Guide.