Security Adapter Authentication
In general, the process of security adapter authentication includes the following principal stages:
The user provides identification credentials.
The user’s Siebel user ID and database account are retrieved from a directory, from the Siebel database, or from another external source (for Web Single Sign-On).
The user’s identity is verified.
The user is granted access to the Siebel application and the Siebel database.
Depending on how you configure your authentication architecture, the security adapter might function in one of the following modes, with respect to authentication:
With authentication (LDAP security adapter authentication mode). The security adapter uses credentials entered by the user to verify the user’s existence and access rights in the directory. If the user exists, then the adapter retrieves the user’s Siebel user ID, a database account, and, optionally, a set of roles which are passed to the Application Object Manager to grant the user access to the Siebel application and the database. This adapter functionality is typical in a security adapter authentication implementation.
Without authentication (Web SSO mode). The security adapter passes an identity key supplied by a separate authentication service to the directory. Using the identity key to identify the user in the directory, the adapter retrieves the user’s Siebel user ID, a database account, and, optionally, a set of roles that are passed to the Application Object Manager to grant the user access to the Siebel application and the database. This adapter functionality is typical in a Web SSO implementation.