Process of Implementing LDAP Security Adapter Authentication

This topic describes the tasks involved in implementing LDAP security adapter authentication. Implement your authentication architecture in a development environment before deploying it in a production environment.

The process outlined in this topic provides instructions for implementing and testing security adapter authentication for a single Siebel application using an LDAP security adapter with one of the supported directory servers. The security adapter authenticates a user’s credentials against the directory and retrieves login credentials from the directory. A user is authenticated by the user’s Siebel user ID and a password.

You can repeat the appropriate tasks listed in this topic to provide security adapter authentication for additional Siebel Business Applications. You can also implement components and options that are not included in this process. For additional information about security adapter authentication options, see Security Adapter Deployment Options. For information about special considerations in implementing user authentication, see Troubleshooting User Authentication Issues.

Note: If you use a security adapter that is not provided by Siebel Business Applications, then it must support the Siebel Security Adapter Software Developers Kit, which is described in Security Adapter SDK. You must adapt the applicable parts of the following task instructions to your security adapter.

You must perform the following tasks to set up and test a typical LDAP security adapter authentication architecture:

1. Verify that all requirements are met. For information on the requirements, see Requirements for Implementing an LDAP Authentication Environment for Oracle LDAP Client Installation.

2. Review About Creating a Database Login for Externally Authenticated Users.

3. Set up the attributes for users in the directory. See Setting Up the LDAP Directory.

4. Create users in the directory: a regular user, the anonymous user, and the application user. See Creating Users in the LDAP Directory.

5. Add user records in the Siebel database corresponding to the users in the directory. See Adding User Records in the Siebel Database.

6. Edit parameters related to security adapter authentication in the Siebel Application Interface profile. See LDAP Security Adapter Authentication Parameters in the Siebel Application Interface Profile.

7. Select the security adapter you want to use (LDAP or Custom) and then configure parameters for the selected security adapter. Use one of the following methods:

   • Use Siebel Management Console

     Start the Siebel Management Console, select the security adapter you want to use (LDAP or Custom), and then specify the appropriate values for the following parameters:

     • Enterprise Security Authentication Profile (Security Adapter Mode)

     • Security Adapter Name (named subsystem)

     For more information, see Configuring Security Adapters Using the Siebel Management Console.

   • Edit the parameters directly for Siebel Gateway

     You can select the security adapter you want to use, and then configure the parameters for the security adapter by editing the parameters directly using Siebel Server Manager. For more information, see Configuring Security Adapter Parameters for Siebel Gateway.

   • Edit the application configuration file (Developer Web Clients only)

     For Developer Web Clients only, you configure parameters for the security adapter in the application configuration file. For more information, see Configuring Security Adapter Parameters for Developer Web Clients.

8. (Developer Web Client only) Setting a System Preference for Developer Web Clients.

9. Restarting Servers.

10. Testing the LDAP Authentication System.