Bookshelf v7.5: Authentication Manager Overview

Security Guide for Siebel eBusiness Applications > User Authentication Overview > Siebel Authentication Manager >

Authentication Manager Overview

The authentication manager receives user credentials from a source determined by the authentication strategy that is implemented. Figure 7 provides a high-level view of the logic that determines the way the authentication manager processes the user credentials it receives.

The authentication manager branches its processing of the identity key by evaluating conditions based on the values of these options:

No security adapter is identified. The authentication manager concludes that database authentication is implemented and that the identity key is a set of credentials provided by the user. The authentication manager interprets the user credentials as a database account and passes them to the Application Object Manager. The Object Manager opens a database connection using the account, and identifies the user by the account.

A security adapter is identified, but Web SSO is not specified. The authentication manager concludes that external authentication by a security adapter is implemented and that the identity key is a set of credentials provided by the user. The authentication manager invokes the security adapter to authenticate the user credentials through the directory and to return a database account, a Siebel user ID, and possibly roles. The Application Object Manager opens a database connection using the account and identifies the user by the user ID.

A security adapter is identified, and Web SSO is specified. The authentication manager concludes that Web SSO is implemented and that the user credentials identify a user who is preauthenticated by a third party. The authentication manager invokes the security adapter to verify that the credentials come from a trusted source and to return a database account, a Siebel user ID, and, possibly roles from the directory. The Application Object Manager opens a database connection using the database account and identifies the user by the Siebel user ID.