Siebel Security Guide > Security Adapter Authentication >

Process of Implementing LDAP or ADSI Security Adapter Authentication

This topic describes the tasks involved in implementing LDAP or ADSI security adapter authentication.

The process outlined in this topic provides instructions for implementing and testing security adapter authentication for a single Siebel application using either an LDAP or ADSI security adapter with one of the supported directories described in Siebel System Requirements and Supported Platforms on Oracle Technology Network. The security adapter authenticates a user's credentials against the directory and retrieves login credentials from the directory. A user is authenticated by the user's Siebel user ID and a password.

You can repeat the appropriate tasks listed in this topic to provide security adapter authentication for additional Siebel Business Applications. You can also implement components and options that are not included in this process. For additional information about security adapter authentication options, see Security Adapter Deployment Options. For information about special considerations in implementing user authentication, see User Authentication Issues.

Implement your authentication architecture in a development environment before deploying it in a production environment.

If you use a security adapter not provided by Siebel Business Applications, it must support the Siebel Security Adapter Software Developers Kit, which is described in Security Adapter SDK. You must adapt the applicable parts of the following task instructions to your security adapter.

You must perform the following tasks to set up and test a typical LDAP or ADSI security adapter authentication architecture:

1. Verify that all requirements are met.

   For information on the requirements, see Requirements for Implementing an LDAP or ADSI Authentication Environment.

2. Review About Creating a Database Login.
3. Set up the attributes for users in the directory. See Setting Up the LDAP or ADSI Directory.
4. Create users in the directory: a regular user, the anonymous user, and the application user. See Creating Users in the LDAP or ADSI Directory.
5. Add user records in the Siebel database corresponding to the users in the directory. See Adding User Records in the Siebel Database.
6. Edit security adapter parameters in the eapps.cfg file. See Setting Security Adapter Parameters in the SWSE Configuration File (eapps.cfg).
7. Select the security adapter you want to use (LDAP, ADSI, Custom), and configure parameters for the selected security adapter, using one of the following methods:
   • Using the Siebel Configuration Wizard

     Configure values for the security adapter parameters by running the Siebel Configuration Wizard. Then select the security adapter you want to use (LDAP, ADSI, Custom) by specifying the appropriate values for the SecAdptName and SecAdptMode Siebel Gateway Name Server parameters using either Siebel Server Manager or by running the Siebel Configuration Wizard again.

     For information on running the Siebel Configuration Wizard, see Configuring LDAP or ADSI Security Adapters Using the Siebel Configuration Wizard.

   • Editing Siebel Gateway Name Server parameters directly

     You can select the security adapter you want to use, and configure Gateway Name Server parameters for the security adapter, by editing Siebel Gateway Name Server parameters directly using Siebel Server Manager. For further information, see Configuring Security Adapter Gateway Name Server Parameters.

   • (Developer Web Clients only) Editing the application configuration file

     For Developer Web Clients only, you configure parameters for the security adapter in the application configuration file. For additional information, see Configuring LDAP or ADSI Authentication for Developer Web Clients.

8. (Developer Web Clients only) Setting a System Preference for Developer Web Clients.
9. Restarting Servers.
10. Testing the LDAP or ADSI Authentication System.