|
Siebel Security Guide > Security Adapter Authentication >
About User Authentication
Authentication is the process of verifying the identity of a user. Siebel Business Applications support multiple approaches for authenticating users. You choose either security adapter authentication or Web SSO authentication for your Siebel application users:
- Security adapter authentication. Siebel Business Applications provide a security adapter framework to support several different user authentication scenarios:
- Database authentication. Siebel Business Applications support authentication against the underlying database. In this architecture, the security adapter authenticates users against the Siebel database. Siebel Business Applications provide a database security adapter (it is configured as the default security adapter).
- Lightweight Directory Access Protocol (LDAP) or Active Directory Service Interfaces (ADSI) authentication. Siebel Business Applications support authentication against LDAP-compliant directories or Microsoft Active Directories. In this architecture, the security adapter authenticates users against the directory. Siebel Business Applications provide the following two security adapters to authenticate against directory servers:
- Custom. You can use a custom adapter you provide, and configure the Siebel Business Applications to use this adapter. For more information, see Security Adapter SDK.
- Web Single Sign-On (Web SSO). This approach uses an external authentication service to authenticate users before they access the Siebel application. In this architecture, a security adapter does not authenticate the user. The security adapter simply looks up and retrieves a user's Siebel user ID and database account from the directory based on the identity key that is accepted from the external authentication service. For more information, see Web Single Sign-On Authentication.
You can choose the approach for user authentication individually for each application in your environment, based on the specific application requirements. However, there are administrative benefits to using a consistent approach across all of your Siebel Business Applications, because a consistent approach lowers the overall complexity of the deployment. Configuration parameter values determine how your authentication architecture components interact. For information about the purpose of configuration parameters, see Configuration Parameters Related to Authentication. For information about the seed data related to authentication, user registration, and user access that is installed with Siebel Business Applications, see Seed Data. Authentication for Self-Service Applications
If you are using LDAP, ADSI, or Web Single Sign-On authentication with the Siebel Self-Service Applications available with Siebel CRM Release 8.1, then see the following Siebel Self-Service Applications documentation for additional information on user authentication:
- Siebel Self-Service Application Deployment Guide
- Siebel Self-Service Application Developer's Guide
Issues for Developer and Mobile Web Clients
The following special issues apply for authentication for deployments using Siebel Developer Web Client or Mobile Web Client:
- For a particular Siebel application, when users connect from the Siebel Developer Web Client to the server database, the authentication mechanism must be the same as that used for Siebel Web Client users. This mechanism could be database authentication or a supported external authentication strategy, such as LDAP or ADSI.
- When connecting to the local database from the Mobile Web Client, mobile users must use database authentication. For information about authentication options for local database synchronization, see Siebel Remote and Replication Manager Administration Guide.
|
