Siebel Web UI Dynamic Developer Kit Guide > Web UI DDK Overview >

About Authentication and Session Management

The Siebel Web UI DDK supports Siebel Authentication and Session Management SOAP headers, including Web single-sign authentication. These security features are part of the Siebel Web services framework and are summarized below:

  • Siebel Authentication and Session Management SOAP Headers. Custom Web applications invoke Siebel sessions by sending Web service requests to the Siebel Web Server Extension (SWSE). Requests include Siebel Authentication and Session Management SOAP headers that can include user credentials for logging in and session information for reconnecting to established sessions.

    SOAP headers enable you to pass a session token back and forth between the custom Web application and the Siebel Server. The session token supports Stateless, Stateful, and Server Determine sessions. The session token is encrypted and consists of a session ID and user credentials. The Session Manager on the SWSE extracts a session ID and user credentials from the session token and then reconnects to an open login session on the Siebel Server. In the case of a server failure, the Session Manager uses the user credentials to create a new login session. After the request is processed, a new session token is passed back in the outbound response SOAP header.

    NOTE:  The sample JSP pages generated by the Web UI DDK Wizard use Apache Axis. For information about custom coding needed to implement Siebel session management and authentication SOAP headers using tool sets native to IBM WebSphere and Oracle WebLogic, see Using Native Web Service Technology Stacks.

  • Web Single-Sign On. Siebel Web services support Web single sign-on deployment scenarios in which third-party applications handle authentication and then pass authentication information to the Siebel application. Once authenticated by the third-party application, users do not have to explicitly log in to the Siebel application.

For more detailed information about session type, session management, and Siebel Web services and security, see Integration Platform Technologies: Siebel Enterprise Application Integration.

For more information about general security topics, see Siebel Security Guide.

Siebel Web UI Dynamic Developer Kit Guide Copyright © 2010, Oracle and/or its affiliates. All rights reserved. Legal Notices.