Security Guide for Siebel Business Applications > Web Single Sign-On Authentication >

Implementing Web SSO Authentication

To provide user access to Siebel Business Applications on a Web site implementing Web SSO, the Siebel Business Applications must be able to determine the following from the authentication system:

• Verification that the user has been authenticated
• A user credential that can be passed to the directory, from which the user's Siebel user ID and database account can be retrieved

In a Web SSO environment, you must also provide your authentication service and any required components, such as an authentication client component.

NOTE:  For a particular Siebel application, when users connect from the Siebel Developer Web Client to the server database, the authentication mechanism must be the same as that used for Siebel Web Client users. This mechanism could be database authentication or a supported external authentication strategy, such as LDAP or ADSI. When connecting to the local database using Siebel Mobile Web Client, however, mobile users must use local database authentication.

For information about authentication options for local database synchronization for mobile users, see Siebel Remote and Replication Manager Administration Guide.

For an overview of tasks involved in setting up Web SSO, see Setting Up Web SSO: A Scenario.

You can implement the following options in a Web SSO environment that uses a Siebel-compliant security adapter:

• User specification source. You must specify the source from which the Siebel Web Engine derives the user's identity key: a Web server environment variable or an HTTP request header variable. For details, see User Specification Source.
• Digital certificate authentication. Siebel Systems supports X.509 digital certificate authentication by the Web server. For information on implementing digital certificate authentication for Web SSO, see Digital Certificate Authentication.
• In addition, many options identified in Security Adapter Deployment Options can be implemented for Web SSO.

For information about troubleshooting user authentication, see User Authentication Issues.