1. Security Guide
  2. Configuring Object Manager's Database Security Adapter in Advanced Mode

Configuring Object Manager's Database Security Adapter in Advanced Mode

The following procedure shows how to configure the object manager's database security adapter in Database Authentication Advanced mode when Single Sign-on (SSO) is supported. Using database authentication without SSO is not recommended for production environments.

To configure the object manager's database security adapter in Advanced mode

  1. After the security profile has been created, as shown in Creating Siebel Gateway Security Profile with Database Authentication Advanced Mode, create the enterprise and server profiles and deploy them if not already done so.

  2. Connect to the server manager and set the following parameter values for the component of interest: SecAdptMode=DBSSO and SecAdptName=DBSecAdpt.

    <-- Component Parameters -->
change param SecAdptMode=DBSSO for comp <component name>
change param SecAdptName=DBSecAdpt for comp <component name>

  3. Add the database adapter advanced subsystem parameter values described in the following table for SSO support. These parameters are required in addition to other existing parameters.

    <-- Named subsystem "dbsecadpt" advanced parameters -->
change param DBSecAdpt_SingleSignOn=TRUE for named subsystem dbsecadpt
change param DBSecAdpt_TrustToken=<value> for named subsystem dbsecadpt
change param DBSecAdpt_SharedDBUsername=<DB user name> for named subsystem dbsecadpt
change param DBSecAdpt_SharedDBPassword=<DB password>for named subsystem dbsecadpt

    Parameter

    Default Value

    Description

    Single Sign On (alias DBSecAdpt_SingleSignOn)

    FALSE

    (TRUE or FALSE) If TRUE, then the security adapter is used in Web SSO mode instead of using security adapter authentication.

    This parameter applies only in a Web SSO environment..

    Trust Token (alias DBSecAdpt_TrustToken)

    <empty>

    The adapter compares the TrustToken value provided in the request with the value stored with the subsystem. If they match, then the application object manager accepts that the request has come from the Application Interface, which is trusted.

    Shared DB Username (alias DBSecAdpt_SharedDBUsername)

    <empty>

    User Id to connect to the Siebel database.

    Shared DB Password (alias DBSecAdpt_SharedDBPassword)

    <empty>

    Password associated with the Shared DB Username parameter.

  4. Restart the Siebel service.