Siebel CRM Siebel Security Guide Siebel Innovation Pack 2016, Rev. A E24814-01 |
|
Previous |
Next |
View PDF |
To provide user access to Siebel Business Applications on a Web site implementing Web SSO, the authentication system must be able to provide the following to Siebel Business Applications:
Verification that the user has been authenticated
A user credential that can be passed to the directory, from which the user's Siebel user ID and database account can be retrieved
In a Web SSO environment, you must provide your authentication service and any required components, such as an authentication client component.
The following are some implementation considerations for a Web SSO strategy:
Users are authenticated independently of Siebel Business Applications, such as through a third-party authentication service or through the Web server.
You must synchronize users in the authentication system and users in the Siebel database at the Web site level.
You must configure user administration functionality, such as self-registration, at the Web site level.
A delegated administrator can add users to the Siebel database, but not to the authentication system.
Siebel Business Applications support the following types of Web SSO solutions:
Standards-based Web SSO solutions that meet the requirements listed in "Requirements for Standards-Based Web Single Sign-On".
Windows Integrated Authentication (WIA) SSO
To implement Windows Integrated Authentication SSO solutions, the Siebel application and the Siebel Web server must run on Windows operating systems. For additional information, see "Requirements for Microsoft Windows Integrated Authentication".
Note: Implement Web SSO in a development environment before deploying it in a production environment. |
You can implement the following options in a Web SSO environment that uses a Siebel-compliant security adapter:
User specification source. You must specify the source from which the Siebel Web Engine derives the user's identity key: a Web server environment variable or an HTTP request header variable. For details, see "Configuring the User Specification Source".
Digital certificate authentication. Siebel Business Applications support X.509 digital certificate authentication by the Web server. For information on implementing digital certificate authentication for Web SSO, see "About Digital Certificate Authentication".
In addition, many options identified in "Security Adapter Deployment Options" can be implemented for Web SSO.
Related Topics
"Requirements for Standards-Based Web Single Sign-On"
"Requirements for Microsoft Windows Integrated Authentication"