Siebel Security Guide > Web Single Sign-On Authentication >
About Implementing Web Single Sign-On
To provide user access to Siebel Business Applications on a Web site implementing Web SSO, the authentication system must be able to provide the following to Siebel Business Applications:
- Verification that the user has been authenticated
- A user credential that can be passed to the directory, from which the user's Siebel user ID and database account can be retrieved
In a Web SSO environment, you must provide your authentication service and any required components, such as an authentication client component. Web Single Sign-On Implementation Considerations
The following are some implementation considerations for a Web SSO strategy:
- Users are authenticated independently of Siebel Business Applications, such as through a third-party authentication service or through the Web server.
- You must synchronize users in the authentication system and users in the Siebel database at the Web site level.
- You must configure user administration functionality, such as self-registration, at the Web site level.
- A delegated administrator can add users to the Siebel database, but not to the authentication system.
- Siebel Business Applications support the following types of Web SSO solutions:
- Siebel Business Applications do not support Web SSO solutions that are based on Security Assertion Markup Language or that are cookie based.
NOTE: Implement Web SSO in a development environment before deploying it in a production environment.
Web Single Sign-On Options
You can implement the following options in a Web SSO environment that uses a Siebel-compliant security adapter:
- User specification source. You must specify the source from which the Siebel Web Engine derives the user's identity key: a Web server environment variable or an HTTP request header variable. For details, see Configuring the User Specification Source.
- Digital certificate authentication. Siebel Business Applications support X.509 digital certificate authentication by the Web server. For information on implementing digital certificate authentication for Web SSO, see About Digital Certificate Authentication.
- In addition, many options identified in Security Adapter Deployment Options can be implemented for Web SSO.
Related Topics
Requirements for Standards-Based Web Single Sign-On
Requirements for Microsoft Windows Integrated Authentication
|