Security Guide for Siebel eBusiness Applications > Web Single Sign-On and Remote Authentication >

Overview of Web Single Sign-On


In a Web SSO implementation, users are authenticated by a third party at the Web site level. Siebel applications support this mode of authentication by providing an interface that allows the third party to pass user information to a Siebel application. Once authenticated by the third party, a user does not have to explicitly log into the Siebel application. Web SSO allows you to deploy Siebel applications into existing Web sites or portals.

Web SSO architecture is appropriate for Web sites on which only approved registered users can gain access to sensitive data, such as a Web site on which you share data with your channel partners.

Figure 11 shows an example of authentication architecture for Web SSO.

Figure 11.  Web SSO Authentication

Click for full size image

The steps in the Web SSO authentication process shown are:

  1. The user enters credentials at the Web site that are passed to the Web server. A third-party authentication client on the Web server passes the user credentials to the third-party authentication service. The third-party authentication service verifies the user credentials and passes the authenticated user's username to the Siebel Web Server Extension (SWSE).
  2. The Siebel Web Server Extension (SWSE) passes the authenticated user's username to the authentication manager, a component of the Application Object Manager. The username can be the Siebel user ID or another attribute.
  3. The security adapter provides the authenticated user's username to a directory, from which the user's Siebel user ID, a database account, and, optionally, roles are returned to the authentication manager.
  4. The Object Manager uses the returned credentials to connect the user to the database and to identify the user.

Because Web SSO deployments assume that user authentication and user management are the responsibility of the third-party security infrastructure, the following capabilities are not available, as Siebel eBusiness Applications features, in a Web SSO environment:

Your Siebel applications may require configuration changes to hide such functionality. For more information, refer to Siebel Tools Reference.

Following are some implementation considerations for a Web SSO strategy:

For more information about integrating third-party authentication software with Siebel eBusiness Applications, see Siebel SupportWeb or contact the Siebel Alliance Group.


 Security Guide for Siebel eBusiness Applications 
 Published: 23 June 2003