Login Scenario for Password Hashing

This topic describes the login process for a Siebel application user when password hashing has been implemented. A user is logged into the Siebel application by the following process:

  1. The user logs in with user credentials that include the unhashed password.

  2. The Application Object Manager receives the user credentials, and passes them to the authentication manager.

  3. If user password salting is enabled, then the authentication manager retrieves the salt value associated with the user password from the LDAP or custom security adapter directory and prefixes it to the user-provided password.

  4. The authentication manager hashes the password, according to the configuration of the security adapter.

    • In a database authentication environment:

      • The authentication manager passes the user credentials (user ID and hashed password) to the database security adapter.

      • The database security adapter verifies that the hashed password matches the hashed password stored in the database for the user. It validates the credential by trying to connect to the database server. The security adapter confirms to the Application Object Manager, through the authentication manager, that the credentials are valid.

    • In an LDAP authentication environment:

      • The authentication manager passes the user credentials, including the hashed password, to the LDAP security adapter.

      • The LDAP security adapter verifies that the hashed password matches the hashed password stored in the directory for the user, and then returns the database account and the Siebel user ID to the Application Object Manager through the authentication manager.

  5. The Application Object Manager initiates a Siebel application session for the user.
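
The LDAP branch of the login flow above, sketched as an added example (this is not Siebel code). SHA-256 with hex output, the `DirectoryEntry` fields, the function names and the sample users are all assumptions made for illustration; the hash algorithm actually used is whatever the security adapter is configured for.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

@dataclass
class DirectoryEntry:              # hypothetical directory record
    salt: Optional[str]            # None when salting is not enabled
    hashed_password: str           # hash stored when the password was set
    db_account: str
    siebel_user_id: str

def hash_password(password: str, salt: Optional[str]) -> str:
    """Steps 3-4: prefix the salt, if any, to the password and hash it.
    SHA-256 with hex output is an assumption made for this example."""
    return hashlib.sha256(((salt or "") + password).encode("utf-8")).hexdigest()

def ldap_adapter_verify(entry: DirectoryEntry, hashed: str) -> Optional[Tuple[str, str]]:
    """LDAP branch of step 4: compare hashes in constant time; on a match
    return the database account and the Siebel user ID."""
    if hmac.compare_digest(entry.hashed_password, hashed):
        return entry.db_account, entry.siebel_user_id
    return None

def login(directory: Dict[str, DirectoryEntry], user_id: str,
          password: str) -> Optional[Tuple[str, str]]:
    """Steps 1-5 seen from the authentication manager; None means rejected."""
    entry = directory.get(user_id)
    if entry is None:
        return None
    return ldap_adapter_verify(entry, hash_password(password, entry.salt))

# Constructed sample directory: one salted user, one unsalted user.
DIRECTORY = {
    "JSMITH": DirectoryEntry("k3Qz", hash_password("Spring#2024", "k3Qz"),
                             "SIEBEL_SHARED", "JSMITH"),
    "LEGACY": DirectoryEntry(None, hash_password("Spring#2024", None),
                             "SIEBEL_SHARED", "LEGACY"),
}

if __name__ == "__main__":
    print(login(DIRECTORY, "JSMITH", "Spring#2024"))     # accepted
    print(login(DIRECTORY, "JSMITH", "wrong-password"))  # rejected
    # Submitting the stored hash as the password fails: it is hashed again.
    stored = DIRECTORY["JSMITH"].hashed_password
    print(login(DIRECTORY, "JSMITH", stored))
```

Both sample users share one password, yet their stored hashes differ because only one of them has a salt prefixed before hashing.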

Related Topics

Process of Configuring User and Credentials Password Hashing

Running the Password Hashing Utility