Siebel Security Guide > Security Adapter Authentication > Process of Installing and Configuring LDAP Client Software >

Considerations if Using LDAP Authentication with SSL

This topic provides information on using LDAP authentication with SSL. The Oracle Database Client requires that Oracle Wallet Manager is installed if SSL must be supported. The LDAP libraries and utilities provided with the Oracle Database Client use the SSL libraries provided with Oracle Wallet Manager.

This task is a step in Process of Installing and Configuring LDAP Client Software.

• If Oracle Wallet Manager is installed, then the LDAP libraries dynamically load the SSL libraries and use them to enable SSL, when SSL is configured.
• If Oracle Wallet Manager is not installed and the SSL libraries are not available, then the LDAP library is fully functional, with the exception of SSL support.

By using SSL with server authentication, an LDAP application can use simple LDAP authentication (user ID and password) over an encrypted communication connection between the LDAP client application and the LDAP server. In addition, SSL provides data confidentiality (encryption) on connections protected by SSL. Authentication of servers to clients is accomplished with X.509 certificates.

NOTE:  The SSL encryption standard is not secure. It is recommended that you implement additional methods of securing connections between the LDAP security adapter and directory servers.

It is assumed that SSL capability is, or will be, required for Siebel LDAP authentication. Therefore, the LDAP client installation process includes Oracle Wallet Manager installation as an integral part. If you are absolutely sure that SSL will never be turned on for Siebel LDAP authentication, then you do not have to install Oracle Wallet Manager.