Implementing Siebel Business Applications on DB2 UDB for z/OS > Security Concepts for z/OS > z/OS Security >

About Using an External Security Adapter

An external security adapter is an interface that lets you use an external system to authenticate users. For example, you might employ an LDAP repository, a protocol for storing and retrieving directory-related information that includes authentication services. LDAP can reside on the mainframe.

Administration is easier if you use an external security adapter because you do not have to create an account for each Siebel application user on the DB2 host. You can instead create a few generic database accounts that are used by multiple Siebel users.

When users log onto the Siebel application, the external security adapter validates user names, passwords, user roles, and database credentials against the information in the external system. If the external security adapter finds a match, it retrieves a generic set of user credentials (username and password) that supply access to the database. For LDAP, the generic set of user credentials can be the same for every user, if desired.

For more information on implementing an external security adapter, refer to the Security Guide for Siebel Business Applications.