1. Security Guide
  2. Authentication Options for Synchronization Manager

Authentication Options for Synchronization Manager

The Synchronization Manager server component for Siebel Remote validates each incoming Mobile Web Client request. Synchronization Manager validates the mobile user’s user ID against the list of valid Mobile Web Clients in the server database and validates that the effective end date is valid or NULL.

Synchronization Manager also verifies that the Mobile Web Client has connected to the correct Siebel Remote server. If the Mobile Web Client connects to the wrong Siebel Remote server, then Synchronization Manager reconnects the Mobile Web Client to another Siebel Remote server and updates the client’s local configuration information.

Synchronization Manager authenticates the Mobile Web Client’s password by using the method specified using the Authentication Method configuration parameter (alias Authentication). Set this parameter for Synchronization Manager using Siebel Server Manager. For details, see Siebel Remote and Replication Manager Administration Guide.

Authentication Method can be set to one of the following values:

  • None. Does not authenticate the Mobile Web Client’s password. This is the default setting.

  • Database. Uses the Mobile Web Client’s user name and password to connect to the server database. Uses the database security adapter to do this (typically, DBSecAdpt).

  • SecurityAdapter. Uses the security adapter specified using the parameters Security Adapter Mode and Security Adapter Name to authenticate the user. Depending on the security adapter in effect, the user can be authenticated against the database or against an LDAP directory. Password hashing is subject to the configuration of this security adapter.

    The Security Adapter Mode and Security Adapter Name parameters can be set at the Enterprise or Siebel Server level, or set for the Synchronization Manager component. Database authentication is the default security adapter. You can use the same security adapter across the Siebel Enterprise, or use a different security adapter for Synchronization Manager than you do for the rest of the Enterprise. For more information, see About Siebel Security Adapters and subsequent topics, earlier in this chapter.

  • Siebel. Validates the Mobile Web Client’s password against the password stored in the Mobile Web Client’s screen. (This option uses the mangle encryption algorithm, which is generally no longer recommended.)

  • AppServer. Verifies that the password is the same as the user’s operating system password on the Siebel Server computer. (This option is generally no longer recommended.)