Upload
vamshisolenti
View
234
Download
0
Embed Size (px)
Citation preview
8/6/2019 Sun One Web SSO Config Guide
1/24
Web SSO Configuration Guide
Sun ONE Identity Server Policy Agents
Version2.0
816-6901-10August 2003
8/6/2019 Sun One Web SSO Config Guide
2/24
Sun Microsystems, Inc.4150 Netw ork CircleSanta Clara, CA 95054 U.S.A.
Copyright 2003 Sun Microsystems, Inc. All rights reserved.
Sun, Sun Microsystems, the Sun logo, Java, Solaris, Sun ONE, iPlanet, and all Sun, Java, and Sun ONE based trad emarks and logosare trad emarks or r egistered tradem arks of Sun Microsystems, Inc. in the United States and other countr ies.
UNIX is a registered trad emark in the Un ited States and oth er countries, exclusively licensed thr ough X/ Open Com pan y, Ltd.
Netscape is a trademark or registered trademark of Netscape Communications Corporation in the United States and other countries.
Federal Acquisitions: Commer cial SoftwareGovernm ent Users Subject to Stand ard License Terms and Conditions
The product described in this document is distributed under licenses restricting its use,copying, distribution, and decompilation. Nopart of the prod uct or this document may be reprod uced in any form by any means without p rior written authorization of Sun
Microsystems, Inc. and its licensors, if any.THIS DOCUMEN TATION IS PROVIDED AS IS AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AN DWARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSEOR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BELEGALLY INVALID.
________________________________________________________________________________________
Copyright 2003 Sun Microsystems, Inc. Tous d roits rservs.
Sun, Sun Microsystems, le logo Sun, Java, Solaris,Sun ONE, et iPlanet sont des marques de fabrique ou des marques dposes de Sun
Microsystems, Inc. aux Etats-Unis et d autre pays.UNIX est une ma rque enr egistree aux Etats-Unis et dan s d'autr es pays et licencie exclusivement pa r X/ Open Com pany Ltd .
Netscape est une marque de Netscape Communications Corporation aux Etats-Unis et dans d'autres pays.
Le prod uit d crit d ans ce docum ent est d istribu selon d es conditions de licence qui en r estreignent l'utilisation, la copie, ladistribution et la dcompilation. Aucune par tie de ce prod uit ni de ce docum ent ne peut tre reprodu ite sous quelque forme ou parquelque moyen que ce soit sans lautorisation crite pralable de Sun Microsystems, Inc. et, le cas chant, de ses bailleurs de licence.
CETTE DOCUMENTATION EST FOURNIE EN L'TAT, ET TOUTES CONDITIONS EXPRESSES OU IMPLICITES, TOUTESREPRSENTATIONS ET TOUTES GARANTIES, Y COMPRIS TOUTE GARANTIE IMPLICITE D'APTITUDE LA VENTE, OU
UN BUT PARTICULIER OU DE NON CONTREFAON SONT EXCLUES, EXCEPT DANS LA MESURE O DE TELLESEXCLUSIONS SERAIENT CONTRAIRES LA LOI.
8/6/2019 Sun One Web SSO Config Guide
3/24
3
Contents
About This Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
What You Are Expected to Know . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Identity Server Documen tation Set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Docum entation Conventions Used in This Manu al . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6Typographic Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7Related Inform ation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Chapter 1 Setting Up Web Single Sign-on Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Need for Identity Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9Sun ON E Iden tity Server 6.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10Siebel 7.5 and Security Architectur e . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Integration Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11Sup ported Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12Pre-requisites to Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14Integration Steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Known Issues and Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Appendix A Relevant Configuration Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Appendix B Siebel Applications Configuration Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
8/6/2019 Sun One Web SSO Config Guide
4/24
8/6/2019 Sun One Web SSO Config Guide
5/24
5
About This Guide
This guide offers procedures to integrate SunTM ONE Identity Server 6.0 and Siebel
7.5 to provide a Web Single Sign-on solution.This preface contains the following sections:
What You Are Expected to Know
Identity Server Documen tation Set
Docum entation Conventions Used in This Manu al
Related Information
What You Are Expected to KnowThis book is considered to be an au xiliary manua l in the d ocumen tation seriesprovid ed with Sun ON E Iden tity Server 6.0 SP1. Its essential that you have
experience in: Directory technologies
Lightweight Directory Access Protocol (LDAP)
Sun ONE Directory Server
Siebel app lica tions
As you try to und erstand the concepts d escribed in this guide, you shouldreference the Sun ON E Identity Serverand the Sun ONE Directory Serverdocumentation.
Identity Server Documentation SetThe Sun ON E Iden tity Server d ocumen tation set contains the following titles:
8/6/2019 Sun One Web SSO Config Guide
6/24
Documentation Conventions Used in This Manual
6 Sun ONE Identity Server Policy Agents 2.0 Web SSO Configuration Guide August 2003
Product Briefprov ides an overview of the Sun ON E Iden tity Server and itsfeatures and functions.
Installation Guideprovides details on how to install and deploy the IdentityServer on Solaris, Linux and Windows 2000 systems.
Administration Guide describes how to u se the Identity Server console as wellas manage u ser and service data via the comman d line.
Programmers Guide docum ents how to custom ize an Iden tity Server systemspecific to your organization. It also includes instructions on how to augm ent
the application w ith new serv ices using the pu blic APIs.
Getting Started Guide documents how to use various features of Identity Serverto set up a simp le organization with id entities, policies and roles.
J2EE Policy Agents Guide documents how to install and configure IdentityServer policy agents for application servers on a remote server. It also includestroub leshooting and information specific to each agen t.
Web Policy A gents Guide documents how to install and configure IdentityServer policy agents for web servers on a rem ote server. It also includ estroub leshooting and information for these agents.
Web SSO Configuration Guide (this guide) describes the steps for enabling WebSSO between Sun ONE Identity Server 6.0 and Siebel 7.5 applications.
TheRelease Notes file gathers an assortm ent of last-minu te information,includ ing a description of wh at is new in this release, known p roblems and
limitations, installation notes, and h ow to rep ort problems.
Documentation Conventions Used in This ManualIn this guid e, there are certain typograph ic and terminology conventions used tosimplify discussion and to help you better und erstand the ma terial. Theseconventions are described below.
NOTE Be sure to check the Iden tity Server d ocumen tation w eb site forupdates to the release notes and for revisions to the guides. They areavailable at http://docs.sun.com/db/prod/s1idsrv#hic.Upd ated d ocum ents will be marked w ith a revision d ate.
8/6/2019 Sun One Web SSO Config Guide
7/24
References
About This Guide 7
Typographic Conventions
This book uses the following typograph ic conventions:
Italic type is used w ithin text for book titles, new term inology, emp hasis, andword s used in the literal sense.
Monospace font is used for samp le code and code listings, API and languageelements (such as fun ction nam es and class names), filenames, pathnam es,directory names, HTML tags, and any text that mu st be typed on the screen.
Italic serif fontis used within code and code fragm ents to ind icate variableplaceholders. For examp le, the following comm and usesfilename as a variableplaceholder for an argum ent to the gunzip comman d:
gunzip -d filename.tar.gz
TerminologyBelow is a list of the general term s that a re used in the Sun ONE Iden tity ServerPolicy Agent documentation:
Agent_Install_Diris a variable placeholder for the directory wh ere you haveinstalled the Sun ONE Identity Server Policy Agent.
S1IS_Install_Diris a variable placeholder for the hom e directory where youhave insta lled Sun ON E Iden tity Server 6.0.
References1. Secur ity Gu ide for Siebel eBusiness v7.5
2. Technical note 0300: Quick Guide to Using Netscape LDAP Server with Siebel
eBusiness App lications3. Sun ONE Identity Management White Paper
Related InformationIn add ition to the d ocum entation p rovided w ith Sun ONE Identity Server, there
are several other sets of docum entation that m ight be helpful. This section liststhese and additional sources of information.
8/6/2019 Sun One Web SSO Config Guide
8/24
Related Information
8 Sun ONE Identity Server Policy Agents 2.0 Web SSO Configuration Guide August 2003
iPlanet Directory Server Documentation
iPlanet Directory Server 5.1 docum entation can be found a thttp://docs.sun.com/db/coll/S1_ipDirectoryServer_51
iPlanet/Sun ONE Web Server Documentation
iPlanet/ Sun ONE Web Server documentation can be found athttp://docs.sun.com/db/coll/S1_ipwebsrvree60_en
Sun ONE Certificate Server Documentation
Sun ON E Certificate Server documen tation can be foun d a thttp://docs.sun.com/db/coll/S1_s1CertificateServer_47
iPlanet Proxy Server Documentation
iPlanet Proxy Server docum entation can be foun d athttp://docs.sun.com/db/coll/S1_ipwebproxysrvr36
Other iPlanet Product Documentation
Documen tation for all other Sun ON E servers and technologies can be found athttp://docs.sun.com/prod/ds/sunone
Download Center
Links to d ownload any of Suns Sun ONE/ iPlanet software are athttp://wwws.sun.com/software/download/
Sun ONE Technical SupportTechnical Sup port can be contacted th roughhttp://www.sun.com/service/support/software/iplanet/index.html
Professional Services Information
Professional Service can be contacted throu ghhttp://www.sun.com/service/sunps/iplanet/
Sun Enterprise Services for Solaris Patches And SupportSolaris patches and su pp ort can be obtained throughhttp://www.sun.com/service/
Developer Information
Information on Sun ON E Iden tity Server, LDAP, the Sun ON E Directory Server,and associated technologies can also be foun d a thttp://developer.iplanet.com/tech/directory/
8/6/2019 Sun One Web SSO Config Guide
9/24
9
Chapter 1
Setting Up Web Single Sign-onSolution
This guide describes the step s requ ired to enable Web Single Sign-On (SSO)betw een Siebel 7.5 and the Sun ON E Identity Server 6.0. Web SSO serv ices allow auser to access mu ltiple, distributed web-based app lications, services, or sitesdu ring a single session without having to reauthen ticate wh ile switching betweenapp lications or services.
The topics covered in this documen t includ e:
Need for Identity Management
Integration Process
Known Issues and Limitations
Need for Identity ManagementToday, a typical business environm ent has nu merou s app lications and servicesdep loyed throughou t its enterprise. The iden tity information for each of theseapp lications and services is most likely mainta ined separately. If each comp onent
man ages its own identities, identity information tend s to be widely distributed . Itruns on different operating systems, uses different rules and standards for security,and is owned and controlled by a widespread group of individuals. As thenum ber of components in an enterprise grows, distributed identity managementbecomes p roblematic for IT organizations as the size, cost, and mainten ance of theinfrastructure sky rockets, redu nd ancy increases, and security risks become aconcern.
8/6/2019 Sun One Web SSO Config Guide
10/24
Need for Identity Management
10 Sun ONE Identity Server Policy Agents 2.0 Web SSO Configuration Guide August 2003
The solution to th is problem lies in imp lementing a centralized iden tityman agemen t infrastru cture. If every app lication and service in an enterpr ise used
the same ident ity managem ent infrastructure for managing the iden tities of theirusers, includ ing au thentication, authorization, roles and p olicies, then a lot of theproblems that IT organizations face today, includ ing increased cost, redu nd ancy,and security risks, could be alleviated. Such a centralized identity man agemen tinfrastructure, wh ich includ es directory services, access managem ent, identityprov isioning, and iden tity adm inistration, is what the Sun ON E IdentityManagement framework p rovides through its suite of prod ucts.
Sun ONE Identity Server 6.0One of the core products in the Sun ON E Identity Management framework is theSun ON E Identity Server. It helps organizations man age secure access toweb-based r esources via access managem ent services that enable web singlesign-on, identity ad ministration, and d irectory services. Web single sign-on
services allow a user to access mu ltiple, distributed web-based app lications,services, or sites dur ing a single session withou t the need for reauthent ication asthe user switches between comp onents. Since web single sign-on through SunONE Identity Server greatly enhances the overall user experience and solves one ofthe m ost complex IT problems, it is the focus of this integration w ith Siebel.
Siebel 7.5 and Security ArchitectureSiebel 7.5 app lications, the latest release of Siebel eBusiness Ap plications, providemarket leading depth and breadth of functionality in sales, marketing, service, andpartner relationship man agement.
To und erstand the w eb single sign-on solution betw een Sun ON E Iden tity Server6.0 and Siebel 7.5, it is imp ortant to und erstand the security architecture of thisprod uct. Siebel 7.5 adheres to common ly accepted security stand ard s to facilitate
the integration of the application into the customers business environm ent andsecur ity infrastructure. These indu stry-wide security standard s are used tosup port three authentication method s in Siebel 7.5. Each of these authen ticationmethods is briefly explained below.
Native Database Authentication - In this method , the un derlying securitysystem of the d atabase verifies user creden tials for Siebel 7.5. Each u ser mu sthave a valid d atabase accoun t in ord er to access the Siebel application.
8/6/2019 Sun One Web SSO Config Guide
11/24
8/6/2019 Sun One Web SSO Config Guide
12/24
Integration Process
12 Sun ONE Identity Server Policy Agents 2.0 Web SSO Configuration Guide August 2003
Overview
This integration u ses Siebels LDAP Secur ity Ad apter in conjun ction w ith theLDAP authent ication mod ule of Sun O NE Identity Server. All user d ata andapp lication information for Siebel are stored in a relational database. Thisintegration u ses Sun ON E Iden tity Server and Siebel Security Adapter forauth entication only. To un derstan d how the users get logged onto their Siebelapp lication, even though they au thenticate to Sun ON E Iden tity Server, it isimportant to know how the Siebel Security Adapter works in conjunction with SunON E Iden tity Server.
This Web SSO solution u ses the trad itional policy agent implementation m odel,wh ere a URL Policy Agent is installed on the w eb server hosting th e Siebelapp lication. All HTTP requests are intercepted by the agent, and in the absence ofan SSOToken, the user is redirected to th e Sun ON E Iden tity Server 6.0 login p agefor auth entication. Upon successful auth entication, the agent pop ulates apre-determ ined head er variable with the Siebel uid. The Siebel Web ServerExtenstion (SWSE) extracts this head er value and passes th e au thenticated u sers
nam e to the authentication manager, a comp onent of the Siebel Object Manager.The security ad apter th en provides this user nam e to Sun O NE Directory Serverfrom w hich the users Siebel uid and database account are returned to theauth entication manager. Siebel Object Manager then u ses the returned da tabasecredentials to connect the user to the database to identify the user . Figure 1 depictsthe deploymen t architecture and SSO process flow.
IBM H TTP ServerLimited Release2.0.30
Servers run ning AIX 5L withMaintenan ce Level 1 or above
No
Table 1-1
Web Server Platform Agent Available?
8/6/2019 Sun One Web SSO Config Guide
13/24
Integration Process
Chapter 1 Setting Up Web Single Sign-on Solution 13
Figure 1-1 Deploym ent Architecture an d SSO Process Flow
8/6/2019 Sun One Web SSO Config Guide
14/24
Integration Process
14 Sun ONE Identity Server Policy Agents 2.0 Web SSO Configuration Guide August 2003
Pre-requisites to Integration
Before you begin th e integration, make sure th at:
Siebel and all of its required components, including the web server and theda tabase server, are installed and ru nning in the environm ent. For detailedinformation on how to d o this, please refer to the Siebel Bookshelf.
Sun ONE Identity Server , including Sun ONE Directory Server , i s installed andrunning. For information on how to install these prod ucts, please refer to theSun ONE Identity Server produ ct documentation.
Integration StepsOnce you have th e prod ucts mentioned above installed and runn ing, follow thesteps listed below to enable Web SSO betw een Siebel 7.5 and Sun ON E IdentityServer.
1. Set up Sun ON E Directory Server 5.1 so that th e database accoun ts and theusers Siebel uid can be retrieved.
Users in the Siebel database must correspond to u sers in Sun ON E DirectoryServer.
Users in Sun ON E Directory Server must h ave attributes containing values forSiebel uid, password and database account. Attribute names must correspond
to what is configured in the w eb server plug -in configuration file, eapps.cfg,and the Call Center configuration file, uagent.cfg. The web server plug-inconfigura tion file is located in $WEB_PLUGIN_HOME/bin d irectory on theweb server machine. The Call Center configuration file is located in$SIEBEL_HOME/siebsrvr/bin directory on the Siebel server machine. If youare using a Siebel app lication other than Call Center, make sure you look atthat p articular app lications configuration file rather than th e Call Centerconfiguration file.
NOTE Although this docum ent describes only the steps to integrate SunON E Identity Server with Siebel Call Center 7.5 for Web SSO, it hasbeen validated against Call Center, eSales, ERM and eChann el.Valida tion against four distinct Siebel applications m akes this ageneric solution, wh ich can be u sed across all Siebel 7.5 eApp s1.
8/6/2019 Sun One Web SSO Config Guide
15/24
Integration Process
Chapter 1 Setting Up Web Single Sign-on Solution 15
2. Edit the parameters in th e web server p lug-in configuration file, eapps.cfg,residing on the w eb server machine to have the following values:
3. Edit the param eters in the Call Center configuration file, uagent.cfg, asdescribed below. If you are using another Siebel application, make sure to editthe approp riate configuration file in a similar manner (see Append ix C).
Code Example 1-1
[defaults]AnonUserName = sadminAnonPassword = sadminAnonUserPool = 120StatsPage = _stats.sweHTTPPort = 8080
HTTPSPort = 443EnableFQDN = FALSEFQDN = CHANGE_MEAnonSessionTimeout = 900GuestSessionTimeout = 300SessionTimeout = 900DoCompression = TRUESingleSignOn = TRUETrustToken = siebel2sunUserSpec = REMOTE_USER
UserSpecSource = Header
Code Example 1-2
[LDAP]DllName = libsscfldap.soServerName = e450b.sunmde.comPort = 389BaseDN = "ou=People,o=siebel.com"SharedCredentialsDN = "uid=sadmin,ou=People,o=siebel.com"UsernameAttributeType = uid
PasswordAttributeType = userPasswordCredentialsAttributeType = dbaccount;RolesAttributeType = siebelrole;SslDatabase =ApplicationUser = "uid=amAdmin,ou=People,o=siebel.com"ApplicationPassword = netscape1;EncryptApplicationPassword = FALSE;EncryptCredentialsPassword = FALSESingleSignOn = TRUETrustToken = siebel2sun;UseAdapterUsername = FALSE
8/6/2019 Sun One Web SSO Config Guide
16/24
Known Issues and Limitations
16 Sun ONE Identity Server Policy Agents 2.0 Web SSO Configuration Guide August 2003
4. Install Sun One Identity Server Policy Agent, version 2.0 on the web serverhosting the Siebel app lication. For information on how to install this agent,please refer to the policy agents documen tation at
http:/ / docs.sun.com/ db/ coll/ S1_IdServ_60.5. Mod ify the file amAgent.properties to allow the p olicy agent to set values in
the HTTP header. The amAgent.properties file is the configuration file for thepolicy agent. It is typ ically located in/etc/opt/SUNWam/agents/es6/config/_opt_SUNWam_servers_/AMAgent.properties. In th e file, mod ify the following p ropertiesas listed below:
com.sun.am.policy.am.fetchHeaders=true
com.sun.am.policy.am.headerAttributes=uid|uid
6. Create policies in Sun ON E Iden tity Server 6.0 to allow/ deny access to yourSiebel app lication. The steps for creating policies are docum ented in th e SunON E Iden tity Server Administration Gu ide, which is located athttp://docs.sun.com/source/816-6686-10/index.html.
Policies can be set on users, roles, or organizations. For this integration,policies have been set on the organization.
7. Stop th e Web Server, Web Server Ad min, Siebel Server, and then th e GatewayServer. Restart them in the reverse order.
To verify if the in tegra tion is successful, access the Call Center applicationURL. You will redirected to Sun ON E Iden tity Server login p age forauthentication and up on successful au thentication, you w ill be able to access
the Call Center app lication.
Known Issues and Limitations In Header mode, Siebel app let pop -up window hangs after logg ing in .You can
work arou nd this by refreshing the brow ser.
;SiebelUsernameAttributeType =;UseRemoteConfig =
Code Example 1-2
8/6/2019 Sun One Web SSO Config Guide
17/24
Known Issues and Limitations
Chapter 1 Setting Up Web Single Sign-on Solution 17
The integration has been validated in a Solaris environment with the browserInternet Explorer as the client program. The validation on an all Windows 2000
environm ent is soon to follow.
8/6/2019 Sun One Web SSO Config Guide
18/24
Known Issues and Limitations
18 Sun ONE Identity Server Policy Agents 2.0 Web SSO Configuration Guide August 2003
8/6/2019 Sun One Web SSO Config Guide
19/24
19
Appendix A
Relevant Configuration Files
A total of four Siebel applications w ere validated against th is SSO solution: CallCenter , eSales, ERM, PRM (form erly know n as eChan nel). All Siebel app licationstested ar e assum ed to be version 7.5 build 15051.
The files involved a re the app lications ind ividua l configuration file and a filenamed eapps.cfg, which contains parameters u sed by th e Siebel Web Engine to
control all Siebel app lications interactions w ith th e Web Engine.The relevant portions of the long app lication configuration files are the p ortionsthat fall und er the head ings "[Siebel]", "[SecurityAdap ters]", and "[LDAP]". So forCall Center, eSales, ERM and PRM you w ould need to make su re the sectionsunder the aforementioned headings containthe following:
Code Example A-1
[Siebel]Security Adapter= LDAP
[SecurityAdapters]LDAP= LDAP
[LDAP]DllName = libsscfldap.soServerName = e420-101-4.sundevsjc.com
Port = 389BaseDN = "ou=People,o=siebel.com"SharedCredentialsDN = "uid=sadmin,ou=People,o=siebel.com"UsernameAttributeType = uidPasswordAttributeType = userPasswordCredentialsAttributeType = dbaccount;RolesAttributeType = siebelrole;SslDatabase =ApplicationUser =
"uid=amAdmin,ou=People,o=siebel.com"ApplicationPassword = password1EncryptApplicationPassword = FALSEEncryptCredentialsPassword = FALSE
8/6/2019 Sun One Web SSO Config Guide
20/24
20 Sun ONE Identity Server Policy Agents 2.0 Web SSO Configuration Guide August 2003
The file eapps.cfg has a head ing for each Siebel app lication, for example[callcenter], and [esales] as well as one named [defaults]. Anything specified underthe specified application will override what is specified in d efaults. For thepu rposes of this integration, the SSO sp ecific configuration was specified indefaults as given here:
SingleSignOn = TRUETrustToken = siebel2sunUseAdapterUsername = FALSE;SiebelUsernameAttributeType =; UseRemoteConfig =
Code Example A-2
[defaults]
AnonUserName = sadminAnonPassword = sadminAnonUserPool = 10StatsPage = _stats.sweHTTPPort = 8080HTTPSPort = 443EnableFQDN = FALSEFQDN = CHANGE_MEAnonSessionTimeout = 900GuestSessionTimeout = 300SessionTimeout = 900
DoCompression = TRUE
SingleSignOn = TRUETrustToken = siebel2sunUserSpec = REMOTE_USERUserSpecSource = Server
Code Example A-1
8/6/2019 Sun One Web SSO Config Guide
21/24
21
Appendix B
Siebel Applications ConfigurationFiles
To configure Web SSO for a Siebel 7.5 application, it is necessary to mod ify itsrespective configu ration file. The following table lists the configuration files of allthe Siebels applications for your easy reference.
Table 1-2 Configura tion files for va rious Siebel applications
Siebel Application Configuration File
Siebel Call Center uagent.cfg
Siebel eBriefings ebriefings.cfg
Siebel eAuction esales.cfg
Siebel PRM PartnerPortal scw.cfg
Siebel PRM Webphone wpechan .cfg
Siebel eCustomer ecustomer.cfg
Siebel eEvents eevents.cfg
Siebel eMarketing emarketing.cfg
Siebel EmployeeRelationshipManagement
erm.cfg
Siebel eSales esales.cfg
Siebel eService eservice.cfg
Siebel eServiceWebphone
wpeserv.cfg
Siebel eTraining etraining.cfg
8/6/2019 Sun One Web SSO Config Guide
22/24
22 Sun ONE Identity Server Policy Agents 2.0 Web SSO Configuration Guide August 2003
The integration w as tested only w ith Siebel Call Center, Siebel eSales, SiebelEmployee Relationship Managem ent and Siebel Partner RelationshipManagement.
Siebel Field Service sfs.cfg
Siebel Marketing market.cfg
Siebel Par tner Manager pmanager .cfg
Siebel Sales siebel.cfg
Siebel Sales for CE cssales.cfg
Siebel Sales for Palm cssalesp alm .cfgSiebel Sa les WebPhone wpsa les .cfg
Siebel Service service.cfg
Siebel Service Webphone wpserv.cfg
Table 1-2 Configurat ion files for var ious Siebel app lications
Siebel Application Configuration File
8/6/2019 Sun One Web SSO Config Guide
23/24
23
Index
AAuthentication
native database 10security ad apters 11Web Single Sign-On 11
CCertificate Server
Documentation 8
DDeveloper Information 8Documentation
Certificate Server 8Proxy Server 8Web Server 8
DownloadsSun ONE Software 8
IIdentity Management 9
Identity ServerRelated Product Information 7
Identity Server 6.0 10Integration
Issues and Limitations 16overview 12pre-requisites 14process 11
steps 14Issues
integration 16
L
Limitationsintegration 16
PPlatforms
Supported 11
Professional Services 8Proxy Server
Documentation 8
RReferences 7
S i S
8/6/2019 Sun One Web SSO Config Guide
24/24
Section S
24 Sun ONE Identity Server Policy Agents 2.0 Web SSO Configuration Guide August 2003
SSecurity Architectur e
Siebel 7.5 10Solaris
Patches 8Support 8
Sun ON ESupport 8
SupportProfessional Services 8
Solaris 8Sun ON E 8
WWeb Server
Documentation 8