Bookshelf Home | Contents | Index | PDF     

Siebel Security Guide > Web Single Sign-On Authentication > Process of Implementing Web Single Sign-On >

Creating Protected Virtual Directories

This topic describes how to create virtual directories in a Web SSO implementation. Creating virtual directories allows users to access a Siebel application and anonymously browse specific views while requiring Web SSO authentication to access other views in the application.

This task is an optional step in Process of Implementing Web Single Sign-On.

Protected virtual directories are used with Siebel Business Applications that support anonymous browsing. By making parts of the application available under two Web server virtual directories you are able to configure the third-party authentication client to protect one virtual directory while leaving the other unprotected, and thus accessible for anonymous browsing. When a user requests a Siebel view that requires explicit login, the request is automatically redirected to the protected virtual directory. and the user must enter a Web SSO login to proceed.

You must perform the following tasks to specify to the Web server a virtual directory for Siebel Business Applications. You must repeat both stages of this process for each Siebel application that users access through the Web server.

  • Create the virtual directory.

    Optionally, instead of creating a new virtual directory, you can modify an existing virtual directory.

  • Specify to the Web server a particular DLL file that allows the SWSE to communicate with the Web server.

The actual path for each virtual directory and the DLL file are identical for every Siebel application.

Use the following procedure to create a virtual directory.

To create a virtual directory on Microsoft Internet Information Server

  1. Start the Internet Service Manager. Choose Programs, Administrative Tools, and then the Internet Service Manager option.
  2. In the Internet Service Manager explorer, right-click the default Web site, choose New, and then the Virtual directory option.

    The New Virtual Directory wizard appears.

  3. Enter a virtual directory name for a Siebel application, then click Next. For example, enter p_eservice as a virtual directory for Siebel eService.
  4. Enter the full path to the SWEAPP_ROOT\public directory, then click Next (where SWEAPP_ROOT is the directory in which you installed the SWSE).

    This subdirectory contains the contents to publish to the site.

  5. Check the following check boxes and leave all others empty, and then click Finish.
    • Allow Read Access
    • Allow Script Access
    • Allow Execute Access

      The Internet Service Manager explorer appears, with the new virtual directory appearing in the hierarchy.

Use the following procedure to specify the DLL file that allows the SWSE to communicate with the Web server.

NOTE:  The following procedure applies if you are using the Microsoft IIS Web server as your single sign-on authentication service. If you are using a different Web SSO solution, you might have to configure the virtual directory differently.

To allow the SWSE to communicate with the Web server

  1. In the Internet Service Manager explorer, right-click the virtual directory you created, and then choose Properties.

    The Properties dialog box appears.

  2. Click Configuration.

    The Application Configuration dialog box appears.

  3. Click Add.
  4. Click Browse, navigate to and select the sweiis.dll file in the SWEAPP_ROOT\bin directory, and then click Open (where SWEAPP_ROOT is the directory in which you installed the SWSE).

    The Add/Edit Application Extension Mapping dialog box appears, including the path to the sweiis.dll file.

  5. Enter .swe for the extension, check the Script engine check box only, and then click OK.

    The Application Configuration dialog box appears.

  6. Click Apply, and then click OK.

    The Properties dialog box appears.

  7. Click the Directory Security tab.
  8. Click Edit in the Anonymous Access and Authentication Control section.

    The Authentication Methods dialog box appears.

  9. Check the Integrated Authentication check box, and uncheck all others. Ensure that the Allow Anonymous Access box is unchecked.
  10. Click Yes on the Internet Service Manager caution dialog, and then click OK when you return to the Authentication Methods dialog box.

    The Directory Security tab in the Properties dialog box appears.

  11. Click Apply, and then click OK.
    
Siebel Security Guide Copyright © 2011, Oracle and/or its affiliates. All rights reserved. Legal Notices.