Siebel Security Guide > Security Adapter Authentication >

About Authentication for Gateway Name Server Access

The Siebel Gateway Name Server serves as the dynamic registry for Siebel servers and components. The Gateway Name Server provides startup information to the application servers and, if compromised, could propagate changes throughout the server environment. To prevent unauthorized changes to the enterprise configuration parameters on the Gateway Name Server, user access to the Gateway Name Server is authenticated. (Authentication is not implemented for starting the Gateway Name Server, only for connecting to it.)

Gateway Name Server authorization is required whether you use the Siebel Configuration Wizard, Siebel Server Manager, or other utilities to access the Gateway Name Server. In each case, you must specify a valid Gateway Name Server authentication user name and password. For information on the Gateway Name Server authentication credentials, see About the Gateway Name Server Authentication Password.

Authentication Mechanisms

You can choose to use database authentication, LDAP authentication, or Active Directory authentication for the Gateway Name Server.

When you configure the Siebel Enterprise Server using the Siebel Configuration Wizard, you choose the type of authentication provider to use by specifying values for the SecAdptName and SecAdptMode parameters (see Configuring LDAP or ADSI Security Adapters Using the Siebel Configuration Wizard for further information). These, and the other security-related configuration values you specify, apply to both the Siebel Enterprise and the Gateway Name Server; these values are used to populate information in various different configurations including the Gateway Name Server configuration file, gateway.cfg.

The Siebel Enterprise and Gateway Name Server are configured to use database authentication by default. If you choose to implement database authentication in your Siebel deployment, then after configuring the Siebel Enterprise Server, no additional steps are required.

If you configure the Enterprise and the Gateway Name Server to use LDAP, ADSI or a custom security adapter using the Siebel Configuration Wizard, then the configuration is not implemented until it is changed manually after configuration. For the Gateway Name Server, this requires editing the gateway.cfg file. For information on implementing LDAP or ADSI authentication for the Gateway Name Server, see Implementing LDAP or ADSI Authentication for the Gateway Name Server.

About the gateway.cfg File

The Gateway Name Server authentication configuration is stored in the gateway.cfg file, which is located in the SIEBEL_ROOT\gtwysrvr\bin (Windows) or SIEBEL_ROOT/gtwysrvr/bin (UNIX) directory. Parameters for the authentication type as well as parameters for the authentication subsystems are stored in this file.

When a user attempts to log in to the name server, the user's credentials are passed by the name server to the authentication provider specified in the gateway.cfg file, which checks that the user has the required administrator privileges to access the name server. If it has, the Gateway Name Server starts to process service requests. For detailed information on the Gateway Name Server authentication configuration parameters, see Parameters in the Gateway.cfg File.