LDAP Security Adapter Authentication Process

In an implementation using LDAP authentication, the security adapter authenticates a user’s credentials against the directory and retrieves database login credentials from the directory. The security adapter functions as the authentication service in this architecture. The steps in the LDAP security adapter authentication process are:

1. The user enters credentials to a Siebel Business Applications login form.

   These user credentials (a user name and password) can vary depending on the way you configure the security adapter. For example, the user name could be the Siebel user ID or an identifier such as an email address or telephone number. The user credentials are passed to the Siebel Application Interface and then to the Application Object Manager, which in turn passes them to the authentication manager.

2. The authentication manager determines how to process the user credentials and calls the security adapter to validate the credentials against the directory.

   Note: The LDAP security adapter used with Siebel Business Applications allows special characters in passwords. Be aware, however, that only a limited number of special characters are supported for use in Siebel passwords. Passwords are also subject to the requirements and limitations imposed by the external directory service. For additional information, see Characters Supported in Siebel Passwords.

3. The security adapter returns the Siebel user ID and a database credential assigned to this user to the authentication manager. (If roles are used, they are also returned to the authentication manager.)

4. The Application Object Manager (or other module that requested authentication services) uses the returned credentials to connect the user to the database and to identify the user.