Siebel CRM Siebel Security Guide Siebel Innovation Pack 2016, Rev. A E24814-01 |
|
Previous |
Next |
View PDF |
The gateway.cfg file contains the configuration parameters that determine how access to the Gateway Name Server is authenticated. Gateway Name Server authorization is required whether you use the Siebel Configuration Wizard, Siebel Server Manager, or other utilities to access the Gateway Name Server.
Note: Authentication is not required for starting the Gateway Name Server, only for connecting to it. |
The gateway.cfg file is located in the SIEBEL_ROOT\gtwysrvr\bin
(Windows) or SIEBEL_ROOT/gtwysrvr/bin
(UNIX) directory. The following gateway.cfg file parameters relate to authentication. These parameters are present by default or can be added to the configuration file for gateway authentication. They are grouped by the labeled sections in which they occur in the file. This listing does not include parameters in the gateway.cfg file that are not authentication-related.
You can use any plain text editor to add parameters and their values, or to change values for existing parameters. Changes to the gateway.cfg file are not active until you restart the Siebel Gateway Name Server.
Parameters in sections that directly pertain to security adapters apply only to Gateway Name Server authentication. These parameters are counterparts to the Siebel Gateway Name Server security adapter parameters listed in "Siebel Gateway Name Server Parameters".
The parameters in Table A-9 apply to Gateway Name Server authentication, whether you implement security adapter authentication or Web SSO authentication.
Table A-9 InfraNameServer Parameters in Gateway.cfg
Parameter | Description |
---|---|
Enable Audit Trail |
This parameter specifies whether or not all Gateway Name Server connections are logged. If this parameter is set to TRUE, then most accesses to the Gateway Name Server, including logins, writes, modifications, and deletions, are logged. If this parameter is set to FALSE, then only failed login attempts are logged. The default value of this parameter is TRUE. The audit trail is located at the |
NSAdminRole |
Defines the user role that is required to access the Gateway Name Server. The default role is Siebel Administrator. |
The parameters in Table A-10 are located in the [InfraSecMgr] section of the gateway.cfg file.
Table A-10 InfraSecMgr Parameters in Gateway.cfg
Parameter | Description |
---|---|
SecAdptMode |
Specifies the security adapter mode.
|
SecAdptName |
Specifies the security adapter name.
|
The following parameters are located in the [DBSecAdpt] section of the gateway.cfg file and are specified if you are configuring the database security adapter.
DBSecAdpt_SecAdptDllName
DataSourceName
DBSecAdpt_PropagateChange
For information on these parameters, see the descriptions for equivalent parameters in "Parameters for Database Authentication".
The following parameters are located in the [DataSources] section of the gateway.cfg file and are used to specify the data sources for the security adapter you implemented and for the server.
ServerDataSrc. The data source used when database authentication is enabled.
LDAPSecAdpt. The data source used when LDAP authentication is enabled.
The following parameters are located in the [LDAPSecAdpt] or [ADSISecAdpt] sections of the gateway.cfg file, according to whether you are configuring the LDAP or ADSI security adapter for Gateway Name Server authentication. The LDAP or ADSI sections are created in the gateway.cfg file if you specify LDAP or ADSI configuration values using the Siebel Configuration Wizard.
ApplicationPassword
The ApplicationPassword must be encrypted. Clear text passwords are not supported in the [LDAPSecAdpt] section of the gateway.cfg file. For more information about encrypting passwords, see "Encrypting Passwords Using the encryptstring Utility".
ApplicationUser
BaseDN
CRC
CredentialsAttributeType
HashAlgorithm
HashDBPwd
HashUserPwd
PasswordAttributeType (LDAP only)
PasswordExpireWarnDays (ADSI only)
Port
PropagateChange
RolesAttributeType
SaltAttributeType
SaltUserPwd
SecAdptDllName
ServerName
SharedCredentialsDN
SharedDBPassword
The SharedDBPassword must be encrypted. Clear text passwords are not supported in the [LDAPSecAdpt] section of the gateway.cfg file.
SharedDBUsername
SiebelUsernameAttributeType
SingleSignOn
SslDatabase
TrustToken
UseAdapterUsername
UsernameAttributeType
WalletPassword
For information on these parameters, see the descriptions for equivalent parameters in "Parameters for LDAP or ADSI Authentication".