Bookshelf Home | Contents | Index | PDF     

Siebel Security Guide > Security Adapter Authentication > Security Adapter Deployment Options >

Configuring Secure Communications for Security Adapters

This topic describes how to use SSL to transmit data between the security adapter provided with Siebel Business Applications and an LDAP directory or Active Directory. Secure communications for the Siebel security adapter can be implemented in the following authentication strategies:

  • Security adapter authentication: LDAP, ADSI, custom (not database authentication)
  • Web SSO authentication

You can encrypt the communications between the Siebel LDAP or ADSI security adapter and the directory using SSL. The setup you must do differs depending on whether you implement the LDAP or ADSI security adapter.

NOTE:  If you use the LDAP security adapter to authenticate against Active Directory, then you must configure SSL between the LDAP security adapter and the Active Directory server if you want to manage user passwords or create new users in the Active Directory. Implementing SSL in these circumstances is a requirement of Microsoft Windows and Active Directory.

Configuring SSL for the LDAP Security Adapter

The following procedure describes how to configure SSL for the LDAP security adapter.

To configure SSL for the LDAP security adapter

  1. Set the SslDatabase parameter value for the security adapter (LDAPSecAdpt) to the absolute directory path of the Oracle wallet.

    The Oracle Wallet, generated using Oracle Wallet Manager, contains a certificate for the certificate authority that is used by the directory server. For information about generating the SSL database file for an LDAP authentication environment, see Creating a Wallet for Certificate Files When Using LDAP Authentication with SSL.

  2. Set the WalletPassword parameter for the LDAP security adapter (LDAPSecAdpt) to the password assigned to the Oracle wallet.

Configuring SSL for the ADSI Security Adapter

The following procedure describes how to configure SSL for the ADSI security adapter.

To configure SSL for the ADSI security adapter

  1. Set up an enterprise certificate authority in your domain.
  2. Set up the public key policy so that the Active Directory server automatically demands a certificate from that certificate authority.
  3. Set the profile parameter UseSsl to True for the ADSI Security Adapter profile (alias ADSISecAdpt).

    For information about setting Siebel Gateway Name Server parameters, see Siebel Gateway Name Server Parameters.

    
Siebel Security Guide Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices.