Single Sign-On in Siebel

Posted by Ankit Patwa
Comments (9)
April 10th, 2008

Being a software developer in Siebel, I had numerous opportunities to create something using this tool. Apart from acknowledging client requests which is everyone’s number one priority, like any other developer I also wanted to first get my fundamentals strong in this tool. There were times when I tried 2-3 different ways to deal with one of the old demands and was successful in discovering many new and simpler methods. Since then I always experiment to meet the requirements and never hesitated to play with Siebel.

This led me into using these concepts readily and implementing them in real time. While using Siebel for many servers in my project, the traditional practice to Sign-In every time you open a new Siebel application server was not only exasperating at times but also a shortcoming in terms of Siebel’s user friendly behavior. Searching an answer for this problem I came across the Single Sign-On Process.

For starters, what is Single Sign-In (SSO)?

It is a session/user authentication process that allows a user to enter name and password for only a single time in entire session in order to access multiple applications. The process authenticates the user for all the applications they have been given rights to and eliminates further prompts when they switch applications during a particular session.

Single Sign-On (SSO) is becoming the standard for advanced security in IT sector. This equips us in streamlined, consistent and secure password management policy for every user. Cutting down on the number of passwords issued to users and reducing time spent on administration, support and training, SSO directly impacts the daily user ability.

The following steps need to be followed for configuring Web Single Sign On and the Active Directory Security Adapter.

  1. An ADSI service account will be needed.This service account is one used to bind to the Active Directory and will also hold the shared database credentials.
  2. The service account will also be the web anonymous user for Single Sign On and must have a Siebel login with Web Anonymous User responsibility. This anonymous user does not need a database account.
  3. Create the shared database account. All users will connect to the database with this database account instead of an individual database account.
  4. Create a custom application object manager that will be configured for ADSI security adapter authentication instead of database authentication.
  5. Add the SSO Sales Object Manager to the Siebel Web Server Extension Update the Siebel Web Server Extension eapps.cfg file to include the SSO Sales Object Manager.
  6. Add a new virtual directory to IIS for SSO.
  7. Configure Siebel Web Server for Web SSO. Open the eapps.cfg file and set parameter IntegratedDomainAuth = True in [swe] section and add following parameter in [SSO] section.

– SingleSignOn=TRUE
– TrustToken=token name
– userspecsource=server
– userspec=REMOTE_USER
– StartCommand= SWECmd=GotoView&SWEView=Sales+Home+Page+View&SWERF=1

This will enable the Single Sign On and it will be authenticated by Windows Integrated Authentication.

Configure ADSI Security Adapter Named Subsystem in Server Administration – Configuration; Enterprises; profile configuration tab and set the parameters for ADSI.

If the authentication is stolen then all resources becomes vulnerable. In addition, you need to be aware of whether there are backups to the SSO in the event the system is down; if the Server is down then the network resources will remain unavailable.

Post by Suman Kumar

Comments (9)

ravi - June 3rd, 2011

Hi this is ravi can u pls explain..why the error when im compiling srf thru local its getting compiled but gets an error with white screen showing Appication_name not found

venkatesh - April 25th, 2011

I am working as a Siebel Admin ,still i have confusing,plz give me some more information....on SSO

Sree - August 20th, 2010

I am working as a Siebel administrator in a project. This description is very abstract for me to configure the Single Sign-On in Siebel. Please send me document containing detail step by step process to configure Single Sign-On in siebel.

Kumar - January 20th, 2010

When i integrate my OBIEE Application into the Siebel via, Single Sign on - Can you please help me on this scenario - How we can configure, Multiple Enterprise Servers for single OBIEE Application on Siebel Sign On Thanks Kumar

No_limits96 - October 23rd, 2009

Trends have to be decided upon at appropriately long timescales. ,

Arnold35 - October 22nd, 2009

No I certainly do not think this is a statement that is factually correct. ,

Джаля - May 22nd, 2009

Хм… даже такое бывает.

Arun - March 18th, 2009

I am working as a Siebel administrator in a project. This description is very abstract for me to configure the Single Sign-On in Siebel. Please send me document containing detail step by step process to configure Single Sign-On in siebel. Thanks in Advance. I would be very happy, if we share our experiences and enhance out knowledge. Eagerly waiting for your reply.

D Sivakumar - April 19th, 2008

We need some more information regarding Active Directory Integration. Please send to me. Thanks Sivakumar 9884097411

Comments are closed.