Bookshelf Home | Contents | Index | Search | PDF |
Security Guide for Siebel eBusiness Applications > Authentication Details > Authentication Options >
Remote Configuration
This option can be implemented in the following authentication strategies:
- Siebel security adapter authentication
- Web SSO
You can create a separate text file that defines some or all of the parameter values that configure a security adapter. The parameter values in the remote configuration file supplement or override those for the same adapter in a Siebel application's configuration file.
You can reduce administration by storing configuration parameters in a centralized location. Multiple applications' configuration files, on servers and on Dedicated Web Clients, can read parameters from this one location.
You can provide all configuration parameters in the remote configuration file or you can provide some parameters in the applications' configuration files and the balance of the parameters, such as those that are common among applications, in the remote configuration file.
The examples below show how a remote configuration file could be used to provide parameters for a security adapter that is implemented by Siebel eService in a Web SSO environment.
The following example is from the configuration file eservice.cfg:
[Security Adapters]
LDAP = LDAP[LDAP]
DllName = sscfldap.dll
ServerName = it_2.siebel.com
Port = 391
BaseDN = "ou=people,o=siebel.com"
UsernameAttributeType = uid
PasswordAttributeType = userPassword
CredentialsAttributeType = credentials
SharedCredentials = "uid=shareduser, ou=people, o=siebel.com"
UseRemoteConfig = \\it_3\vol_1\private\ldap_remote.cfgThe following example is from the configuration file ldap_remote.cfg:
[LDAP]
SingleSignOn = TRUE
TrustToken = HELLO
ApplicationUser = "uid=APPUSER,,ou=people,,o=siebel.com"
ApplicationPassword = YT>3#
EncryptApplicationPassword = TRUETo implement remote security configuration, you must follow these guidelines:
- The Siebel application's configuration file must contain a section that corresponds to a security adapter listed in its [SecurityAdapters] section. For example, the [LDAP] section may contain parameters for the LDAP line in the [SecurityAdapters] section, as shown.
- It must, at least, include the
UseRemoteConfig
parameter, which provides the path to a remote configuration file in universal naming convention format, that is, \\server\vol\path\filename.cfg.- It may include any other parameters typical to this section, or none of them.
- The remote security configuration file contains only a section that defines external authentication integration, such as the [LDAP] section.
- It has the same name and is of the same format as the corresponding section in the Siebel application's configuration file.
- It contains authentication parameters that are not represented in the application configuration file and parameters whose values should be overridden.
- The Authentication Manager must have read privileges on the disk directory that contains the remote configuration file.
For information about the Authentication Manager, see Siebel Authentication Manager.
For information about setting Siebel application configuration file parameters, see Siebel Application Configuration File Parameters.
Remote configuration is discussed in a usage context in Security Adapter Deployment Options.
Bookshelf Home | Contents | Index | Search | PDF |
Security Guide for Siebel eBusiness Applications Published: 23 June 2003 |