Authentication Parameters in Siebel Application Interface Profile
The following table describes the parameters in the Application Interface profile that relate to authentication. You define these parameters in either the Basic Information section or the Applications section under Application Interface Profiles in the Siebel Management Console.
|
Parameter |
Section Under Application Interface Profiles |
Description |
|---|---|---|
|
Active Session Timeout Value (seconds) |
Basic Information - Authentication |
The time, in seconds, from the user’s last browser request until the user’s connection times out. The default is 900 seconds (15 minutes). Standard sessions are those where users log in using their registered user name and password. Otherwise, standard sessions share many of the same characteristics as guest sessions. For guidelines on setting a value for the Active Session Timeout Value parameter, see About the Active Session Timeout Value Parameter. |
|
Active Session Timeout Warning Value (seconds) |
Basic Information - Authentication |
Before a session times out, a session timeout warning message appears prompting users to choose whether or not to extend the session. The time at which the message appears is determined by the value specified by this parameter. The default value for this parameter is 60 seconds. The time at which the session timeout warning message appears is calculated by subtracting the Active Session Timeout Warning Value from the Active Session Timeout Value. For example, if Active Session Timeout Value is set to 900 seconds and Active Session Timeout Warning Value is set to 300 seconds, then the session timeout warning message appears after 600 seconds of inactivity (900 minus 300 equals 600).
|
|
Login Session (guest session) Timeout Value (seconds) |
Basic Information - Authentication |
The time, in seconds, that a connection open for anonymous browsing can remain idle before it times out. The default is 300 seconds (5 minutes). Guest sessions are used for anonymous browsing. They permit users to navigate portions of the site without logging in. In contrast to anonymous sessions, guest sessions are associated with an individual Siebel Web Client. These sessions are opened when an unregistered user starts navigating the site, and they remain open until the Web client logs out or times out due to inactivity. When deciding the value to specify for guest user timeout, the primary consideration is whether or not anonymous browsing is being used. If it is, then set guest user timeouts to be greater than the average time users need to deliberate their next action. In other words, this is the time allowed between user actions. Both guest and anonymous sessions use the Anonymous User Name and Anonymous User Password parameters to log in. |
|
Method to Check Server Availability |
Basic Information - Authentication |
Provide the swe method name which will be used with the swe command name provided in the [Command to Check Server Availability] field to check the server availability. This must not be empty if the [Command to Check Server Availability] field is not empty. |
|
Command to Check Server Availability |
Basic Information - Authentication |
Provide the swe command name, which will be sent to check the server availability. |
|
Session Token Usage Duration (minutes) |
Basic Information - Authentication |
Provide the session token usage duration, which will make the application interface reject the token if it has been used for more than this value. |
|
Session Token Timeout Value (seconds) |
Basic Information - Authentication |
Provide the session token time out, which will make the application interface reject the session token if the token is inactive for more than this value. |
|
Configure Web Single Sign-On (Web SSO) |
Basic Information - Authentication |
The application interface operates in Web SSO mode when this parameter is
|
|
Trust Token |
Basic Information - Authentication This option appears when Web SSO is true. |
Provide the trust token string, which will be used as the password when Web SSO is enabled. The specified value is passed as the password parameter to a custom security adapter if the value corresponds to the value of the Trust Token parameter defined for the custom security adapter. This value must not be empty when Web SSO is enabled. In a Web SSO environment, this token string is a shared secret between the application interface and the security adapter. It is a measure to protect against spoofing attacks. This setting must be the same on both the application interface and the security adapter. For more information, see Single Sign-On Authentication |
|
User Specification |
Basic Information - Authentication |
In a Web SSO implementation, this variable name specifies the name of the HTTP header variable to read the user’s user name. Do not prefix with HTTP_. |
|
Anonymous User Name |
Basic Information - Authentication |
Provide the user name required for anonymous browsing and initial access to the login pages. For example: GUESTCST. The user name selected as the anonymous user must be assigned access to views intended for anonymous browsing, but to no other views. |
|
Anonymous User Password |
Basic Information - Authentication |
Provide the password for the anonymous user. For more information on setting passwords for the anonymous user, see Encrypted Passwords in Siebel Application Interface Profile Configuration. |