search cancel

Siebel SSO Integration


Article ID: 211874


Updated On:


CA Single Sign On Agents (SiteMinder)



When running ERP Agent for Siebel, one might like to know :

  1. Why do we have a separate Binary for Siebel ?

  2. Do we have a separate binary for Web Server for Siebel

  3. What is the difference between normal Web Agent Binary and ERP
     binary ?

  4. What is SWSE and when connecting to the Siebel Server from Web
     Server ? How Anonymous user is useful ?

  5. What are the configuration files there in SWSE and what is the
     use of those ?

  6. Where the application team has to configure the Siebel Server to
     connect from Web Server to Siebel Server?

  7. Where is the actual application host ? Is it in Siebel Server or
     Web Server ?

  8. We are giving DB admin username and password only then how it
     cross verify in the DB for Authorization ?




At first glance, ERP Agent for Siebel is a specific Agent designed to
work within the Siebel Server. The common Web Agent is instead
designed to run within Apache, IIS, etc.

Answers to the questions :

  1. As the ERP Agent for Siebel is a specific design to interact with
     Siebel Server, so a specific binary has been built for it.

  2. Usually, we see clients using Apache in front of the Siebel
     server, for which a normal Web Agent can be used. Siebel reports
     the same (1).

  3. The major difference between the ERP Agent and normal Web Agent,
     is that the ERP Agent is able to "translate" the SiteMinder
     session into a Siebel Session (2).
  4. Anonymous is used to request to Siebel Object Manager (3).

  5. Read section "Installing and Configuring CA SSO Agent for Siebel".

  6. Read section "Installing and Configuring CA SSO Agent for Siebel (4)".

  7. When running a Siebel Server, the application is usually in the
     Siebel Server. Please contact the vendor to get more details
     about this.

  8. DatabaseUser should have access to the data to work properly (5).


Additional Information



    About Siebel Web Server Extension (SWSE)
      Web server. Client Web browsers connect to Web servers to access
      Siebel applications. Supported Web servers and operating systems

      Microsoft IIS (on Microsoft Windows)
      IBM HTTP Server (on AIX and supported Linux platforms)
      HP Apache Web Server (on HP-UX)
      Oracle HTTP Server (on supported Linux platforms)
      Oracle iPlanet Web Server (on Oracle Solaris)


        CA SSO lets you create a centrally managed environment,
        providing a secure, personalized user experience across all
        web applications. Through published interfaces, CA SSO can
        authenticate users to Siebel. This integration enables the
        Siebel .COM‑based applications to coexist with other portals
        and web applications, while offering the maximum user
        experience and benefit.


      Integrated Environment

 6. The Siebel web component (SWSE) intercepts the request, performs
    some Siebel-controlled request transformation, and sends the
    request to Siebel Object Manager using Anonymous user credentials.

    1. On receiving the request from SWSE, Siebel Object Manager checks
      for the Anonymous user credentials before sending the Siebel
      Login Web template (SWELogin.swt) customized with the Siebel
      Agent session launching code back to the SWSE. For verifying the
      anonymous user credentials, Object manager calls Security
      Adapter (or Security Provider).


      Installing and Configuring CA SSO Agent for Siebel


     DatabaseUser and DatabasePassword

       Once the Security Adapter is installed, Object Manager uses the
       username and password specified by the settings DatabaseUser
       and DatabasePassword whenever credentials are needed for
       communication to another system. The most common system for
       which Object Manager needs these credentials is the underlying
       database. Customers should refer to the section
       Select/Configure Database Credentials for additional
       information on the security implications of using the same
       credentials for all users when communicating with the database.

       The setting DatabasePassword can be encrypted.