Bookshelf Home | Contents | Index | PDF     

Siebel Security Guide > Security Adapter Authentication > Security Adapter Deployment Options >

Configuring Secure Communications for Security Adapters

You can use SSL to transmit data between the security adapter provided with Siebel Business Applications and the LDAP or ADSI directory. Secure communications for the Siebel security adapter can be implemented in the following authentication strategies:

  • Security adapter authentication: LDAP, ADSI, custom (not database authentication)
  • Web SSO authentication

You can encrypt the communications between the Siebel LDAP or ADSI security adapter and the directory using SSL. The setup you must do differs depending on whether you implement the LDAP or ADSI security adapter.

NOTE:  If you use the LDAP security adapter to authenticate users against an AD directory, you must configure SSL between the LDAP security adapter and AD directory server if you want to manage user passwords or create new users in the Active Directory.

The following procedure describes how to configure SSL for the LDAP security adapter.

To configure SSL for the LDAP security adapter

  • Set the SslDatabase parameter value for the security adapter (LDAPSecAdpt) to the absolute path of the file ldapkey.kdb. This file, which is generated by IBM GSKit, contains a certificate for the certificate authority that is used by the directory server.

    For information about generating the SSL database file for an LDAP authentication environment, see Generating a CMS Key Database Using IBM GSKit.

The following procedure describes how to configure SSL for the ADSI security adapter.

To configure SSL for the ADSI security adapter

  1. Set up an enterprise certificate authority in your domain.
  2. Set up the public key policy so that the Active Directory server automatically demands a certificate from that certificate authority.
  3. Set the profile parameter UseSsl to True for the ADSI Security Adapter profile (alias the ADSISecAdpt parameter).

    For information about setting Siebel Gateway Name Server parameters, see Siebel Gateway Name Server Parameters.

    
Siebel Security Guide Copyright © 2011, Oracle and/or its affiliates. All rights reserved. Legal Notices.