Security Guide for Siebel eBusiness Applications > Security Features of Siebel Web Server Extension >

Configuring Secure Views

You can require URLs to use the HTTPS protocol for specific views in your Siebel application.

NOTE:  The ability to selectively specify secure views applies to standard interactivity applications only, not high interactivity applications.

The following factors determine whether the Siebel Web Engine verifies that requests for a view use the HTTPS protocol:

• The value (TRUE or FALSE) of the view's Secure attribute. For information about the Secure attribute for a view, see Configuring Siebel eBusiness Applications.
• The value (TRUE or FALSE) of the SecureBrowse parameter, located in the [SWE] section of the application's configuration file, such as siebel.cfg.
  • If SecureBrowse is set to TRUE, then HTTPS is required for all views in the entire application, regardless of how the Secure attribute is set for individual views.
  • If SecureBrowse is set to FALSE, then HTTP is used for all views in the entire application, except for those views for which the Secure attribute is set to TRUE. Secure views require HTTPS.

If you plan to use the HTTPS protocol, remember the following:

• You can switch between secure and nonsecure views in Siebel customer applications, but not in employee applications (such as Siebel Call Center). For employee applications, if any views are to be secure, then all views must be secure. Set the value of SecureBrowse to TRUE.
• Your Web server must be configured to support HTTPS.
• The Sun ONE Web Server does not support switching between secure and nonsecure views in Siebel applications. If you are using the Sun ONE Web Server, set the value of SecureBrowse to TRUE.