About Authentication and Session Management

The Siebel Server provides a lightweight context management facility for Web service authentication. To manage authentication with this facility, Siebel CRM Desktop uses a combination of user credentials and a SessionID token. When user credentials are presented in the SOAP header of a Web service request, Siebel CRM Desktop performs formal authentication before it runs the Web service operation. If the authentication succeeds, then the operation proceeds and Siebel CRM Desktop places a special SessionID token in the SOAP header of the Web service reply.

When Outlook includes the SessionID in subsequent Web service requests, Siebel CRM Desktop uses this SessionID to restore cached session information. This configuration bypasses the substantially more expensive process of running the authentication again. If presented with the SessionID and a valid set of user credentials, then Siebel CRM Desktop attempts to use the SessionID before it resorts to the user credentials and reauthentication. The session that the SessionID tracks is subject to expiration and other security checks.

For more information, see Integration Platform Technologies: Siebel Enterprise Application Integration.