About Authentication for Mobile Web Client Synchronization

This topic describes some of the processing that occurs to authenticate a remote user during synchronization. For detailed information about the synchronization process, see Siebel Remote and Replication Manager Administration Guide.

The following facts apply to Siebel Remote and remote users:

• Remote users do not connect to the Web server.

  When remote users synchronize, they connect directly from the Siebel Mobile Web Client to the Siebel Remote server, that is, the Siebel Server designated to support synchronization with remote users.

• Only one user ID and password can be used to access a local database. Local databases cannot belong to more than one user.

• A single user can have multiple Mobile Web Clients, such as two clients on two separate computers.

About the Synchronization Process for Remote Users

The Siebel remote user connects to a local database on their client computer, makes transaction modifications, and then synchronizes theses changes to the Siebel Remote server. This involves the following steps:

1. Start Siebel on the client computer, then enter a user ID and password.

2. In the Connect To parameter, choose Local.

   The user ID and password are validated by the local database residing on the client computer.

3. The Siebel application appears in the Web browser and the user navigates through the application and modifies data, as appropriate (insert, update, or delete operations).

4. Later, the user decides to synchronize the local database changes and download updates from the Siebel Remote server. This involves the following steps:

   1. Connect to the Siebel Remote server using a dial-up modem or LAN, WAN, or VPN connection.

   2. Start Siebel on the client computer, then enter a user ID and password.

   3. In the Connect To parameter, choose Local.

      The user ID and password are validated by the local database residing on the client computer.

   4. When the Siebel application appears in the Web browser, the user chooses File, and then Synchronize Database.

      The user is now accessing the Siebel Remote server for synchronization, and is subject to authentication.

   5. Once the remote user is authenticated, synchronization begins.

Authentication Options for Synchronization Manager

The Synchronization Manager server component for Siebel Remote validates each incoming Mobile Web Client request. Synchronization Manager validates the mobile user's user ID against the list of valid Mobile Web Clients in the server database and validates that the effective end date is valid or NULL.

Synchronization Manager also verifies that the Mobile Web Client has connected to the correct Siebel Remote server. If the Mobile Web Client connects to the wrong Siebel Remote server, then Synchronization Manager reconnects the Mobile Web Client to another Siebel Remote server and updates the client's local configuration information.

Synchronization Manager authenticates the Mobile Web Client's password by using the method specified using the Authentication Method configuration parameter (alias Authentication). Set this parameter for Synchronization Manager using Siebel Server Manager. For details, see Siebel Remote and Replication Manager Administration Guide.

Authentication Method can be set to one of the following values:

• None. Does not authenticate the Mobile Web Client's password. This is the default setting.

• Database. Uses the Mobile Web Client's user name and password to connect to the server database. Uses the database security adapter to do this (typically, DBSecAdpt).

• SecurityAdapter. Uses the security adapter specified using the parameters Security Adapter Mode and Security Adapter Name to authenticate the user. Depending on the security adapter in effect, the user can be authenticated against the database or against an LDAP directory. Password hashing is subject to the configuration of this security adapter.

  The Security Adapter Mode and Security Adapter Name parameters can be set at the Enterprise or Siebel Server level, or set for the Synchronization Manager component. Database authentication is the default security adapter. You can use the same security adapter across the Siebel Enterprise, or use a different security adapter for Synchronization Manager than you do for the rest of the Enterprise. For more information, see "About Siebel Security Adapters" and subsequent topics, earlier in this chapter.

• Siebel. Validates the Mobile Web Client's password against the password stored in the Mobile Web Client's screen. (This option uses the mangle encryption algorithm, which is generally no longer recommended.)

• AppServer. Verifies that the password is the same as the user's operating system password on the Siebel Server computer. (This option is generally no longer recommended.)