Creating Siebel Gateway Security Profile with Database Authentication Advanced Mode
The following procedure shows how to create a Siebel Gateway security profile with Database Authentication Advanced mode when Single Sign-On (SSO) is supported. The instructions are the same for SSO and non-SSO, except for Step 4g in the following procedure.
The steps in this procedure are the same whether adding a new Siebel Gateway profile or updating an existing Siebel Gateway profile via safe mode to use Database Authentication Advanced mode.
To create Siebel Gateway security profile with Database Authentication Advanced mode
-
Make sure JDBC is enabled over TLS as shown in Enabling JDBC Over TLS.
-
Log in to the Siebel Management Console and configure CGHostURI as always.
-
Click Profiles, click Security, click Add (the plus (+) icon) and then enter the name of the security profile in the Create Profile field (for example: GWProfile).
-
In the Data Sources section on the Data Sources tab:
-
Enter the name of the data source in the Name field.
-
Under Type, select the Database Authentication Advanced mode option.
-
Select the SQL Style of Database option. The options are: Oracle Database Enterprise Edition, Microsoft SQL Server, and IBM DB2.
-
Enter the database Connection String information. The following table shows how to enter the database Connection String information according to the selected SQL Style of Database.
Note: The database Connection String can be one of the following: any SQL Style of Database, Oracle Data Guard, or Oracle RAC (Real Application Clusters).SQL Style of Database TCP/TCPS Connection string
Oracle Enterprise Edition
TCP
(DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = slc1****.us.oracle.com)(PORT = 1*5*))) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = qahlp1) ) )Note: Copy the connection string from tnsname.ora file.Oracle Enterprise Edition
TCPS
(DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCPS)(HOST = slc1****.us.oracle.com)(PORT = 2*8*))) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = test) ) )Note: Copy the connection string from tnsname.ora file.Microsoft SQL Server
TCP
[host]:[port];databaseName=[databaseName];Microsoft SQL Server
TCPS
[host]:[port];databaseName=[databaseName];encrypt=true; trustServerCertificate=true;IBM DB2
TCP
[host]:[port]/[databaseName]IBM DB2
TCPS
[host]:[port]/[databaseName]:sslConnection=true; -
Enter the Table Owner (for example: ORAHLPP).
-
(Optional) If user password hashing is required, then select the Hash User Password check box.
-
Select the Configure Web Single Sign-On (Web SSO) check box to set the SSO related parameters described in the following table.Note: Deselect this option for non-SSO support.
Parameter
Description
Trust Token
Specify the trust token, which is used as the password when running in SSO mode. The value entered in this field must match the Trust Token value (alias DBSecAdpt_TrustToken) configured with the object manager's database security adapter. For more information, see Configuring Object Manager's Database Security Adapter in Advanced Mode.
Shared DB User Name
Specify the database user name to connect to the Siebel database.
Shared DB Password
Specify the password for the Shared DB Username parameter.
-
Click Next to go to the Security Information screen.
-
-
In the Basic Information section on the Security Information tab:
-
Make sure to select the Database Authentication Advanced mode option and that DBsecAdpt is specified in the Security Adapter Name field.
-
Select the Database Security Adapter Data Source (for example: GWProfile).
-
Enter Authorization Roles (in comma-separated format). The Siebel Administrator is the default role.
-
-
In the Testing section on the Security Information tab, enter the database User Name and Password, where password is one of the following, and then click Submit to test and save the profile.
-
Enter the trust token as the password if the SSO option is selected.
-
Enter the database password if the SSO option is not selected.
-