Security Guide for Siebel Business Applications > Changing or Adding Passwords >

Adding a Password for Updating Web Server Static Files

As part of the installation hardening process, it is recommended that administrators define a password for updating cached images and other Siebel application-related static files on the Web server.

Each time the Siebel administrator restarts the Web server, the Siebel Web Server Extension (SWSE) contacts the Siebel Server and refreshes these static files. Administrators may find that entering a URL command is a more efficient way to refresh the files, particularly when multiple Web servers are deployed.

NOTE:  Setting a password allows only Siebel administrators to refresh the cached static files on your Web server by accessing updated files originally placed on the Siebel Server. If you do not set a password, any unauthorized user could invoke the SWE command UpdateWebImages to update these files.

To add the Web update password, do one of the following:

  • You can use the Web Update Protection Key screen that appears when you install and configure the SWSE. For more information, see the Siebel Installation Guide for the operating system you are using.
  • You can add or change the password later on, by editing the value of the WebUpdatePassword parameter in the eapps.cfg file. This file is located in SWEAPP_ROOT\bin directory, where SWEAPP_ROOT is the directory in which you installed the SWSE.

    NOTE:  The WebUpdatePassword parameter provides Web server security, but does not correspond to a database account and is stored only in the eapps.cfg file.

If password encryption for the eapps.cfg file is in effect (EncryptedPassword = TRUE), then SWSE configuration automatically stores the specified Web update protection key as an encrypted value for the WebUpdatePassword parameter. If you manually edit the eapps.cfg file, then you must use the encryptstring utility to generate an encrypted version of the password to store in the file.

If EncryptedPassword = FALSE, passwords are not stored as encrypted values. In this case, passwords must not be entered as encrypted values.

For more information about password encryption for the eapps.cfg file, and about the encryptstring utility, see Managing Encrypted Passwords in the eapps.cfg File.

For more information about managing Web images and other files for your Siebel Business Applications, see Configuring Siebel Business Applications.

To edit the eapps.cfg file to configure the Web update password

  1. The Web public root directory (the location of Web file caching for Siebel Business Applications) is set automatically when you run the SWSE configuration utility. Or, you can specify it by adding a line in each application section of the eapps.cfg file. For example, to specify the Web public root directory for Siebel Service (for a Web server on a Windows machine), add a parameter like this:

    WebPublicRootDir = SWEAPP_ROOT\public\LANGUAGE

    where SWEAPP_ROOT is the SWSE installation directory, such as D:\sea78\SWEApp, and LANGUAGE is the application language, such as ENU for U.S. English. Files will be copied to this location from all of the language-specific subdirectories of the directory SIEBSRVR_ROOT\ webmaster, where SIEBSRVR_ROOT is the Siebel Server installation directory.

    NOTE:  The directory structure on the Web server is parallel to that on the Siebel Server, except that the files are moved up from their original language-specific subdirectories. For example, files would be copied from SIEBSRVR_ROOT\webmaster\files\enu and SIEBSRVR_ROOT\webmaster\images\enu to SWEAPP_ROOT\public\enu\files and SWEAPP_ROOT\public\enu\images.

    It is recommended to set WebPublicRootDir the same for all applications for a given language, in order to conserve disk resources on the Web server.

  2. The Web update protection key (Web update password) can be set using the SWSE configuration utility. Or, you can specify it by adding a line in each application section of the eapps.cfg file. For example, to specify a Web update password for Siebel Service, add a parameter like this:

    WebUpdatePassword = abcdef

    NOTE:  Typically, password encryption is in effect for the eapps.cfg file, as described in Managing Encrypted Passwords in the eapps.cfg File.

Siebel administrators can then use this password to update cached static files from a browser, without restarting the Web server. For example, specify a URL like the following. (Specify the password in clear text form, whether or not encryption is used.)


Security Guide for Siebel Business Applications