Bookshelf Home | Contents | Index | PDF     

Siebel Security Guide > Security Adapter Authentication >

Comparison of Authentication Strategies

Table 9 highlights the capabilities of each authentication approach to help guide your decision. Several options are available for each basic strategy. Comparisons do not apply for Siebel Mobile Web Client, for which only database authentication is available.

Table 9. Functionality Supported in Different Authentication Approaches
Functionality
Database Security Adapter
LDAP or ADSI Security Adapter
Web SSO

Requires additional infrastructure components.

No

Yes

Yes

Centralizes storage of user credentials and roles.

No

Yes

Yes

Limits number of database accounts on the application database.

No

Yes

Yes

Supports dynamic user registration. Users are created in real-time through self-registration or administrative views.

No

Yes

Siebel Business Applications do not support the feature, but it might be supported by third-party components

For Web SSO, user registration is the responsibility of the third-party authentication architecture. It is not logically handled by the Siebel architecture.

Supports account policies. You can set policies such as password expiration, password syntax, and account lockout.

Only password expiration is supported and only on supported IBM DB2 RDBMS operating systems.

Yes

Siebel Business Applications do not support the feature, but it might be supported by third-party components.

For Web SSO, account policy enforcement is handled by the third-party infrastructure.

Supports Web Single Sign-On, the capability to log in once and access all the applications within a Web site or portal.

No

No

Yes

The Siebel LDAP security adapter supports the Internet Engineering Task Force (IETF) password policy draft (09) for handling password policy violations and error reporting. As a result, the LDAP security adapter returns meaningful error messages and takes appropriate actions when password policy violations occur, provided the adapter is used with directory servers that are compliant with the draft. For additional information on the IETF password policy draft, go the IETF Web site at

http://tools.ietf.org/html/draft-behera-ldap-password-policy-09

      
Siebel Security Guide Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices.