Bookshelf Home | Contents | Index | PDF |
Security Guide for Siebel eBusiness Applications > Web Single Sign-On Authentication > User Specification SourceThis option can be implemented in the following authentication strategy: In a Web SSO implementation, the SWSE derives the user's username from either a Web server environment variable or an HTTP request header variable. You must specify one source or the other. CAUTION: If your implementation uses a header variable to pass a user's identity key from the third-party authentication service, then it is the responsibility of your third-party or custom authentication client to set the header variable correctly. The header variable should only be set after the user is authenticated, and it should be cleared when appropriate by the authentication client. If a header variable passes an identity key to the Siebel authentication manager, and the trust token is also verified, then the user is accepted as authenticated. To specify the source of the username
For information about setting parameters in the eapps.cfg file, see Parameters in the eapps.cfg File. |
Security Guide for Siebel eBusiness Applications |