Web Single-Sign-On allows companies to deploy web-based portal pages from which users can launch other web applications such as Siebel CRM. The typical scenario is that the end user community does not wish to provide login credentials for each web application repetitively. To accommodate this requirement, Siebel CRM supports web Single-Sign-On (SSO).
Web SSO is based on user authentication at the web server level. The web server takes care of authenticating the user. On Microsoft Windows platforms, this is typically achieved with Microsoft Internet Information Services (IIS) and Microsoft Active Directory (AD).
The following diagram depicts the Siebel Web SSO architecture and its authentication flow:
We can describe the authentication flow for Web SSO as follows:
The end user accesses the Siebel Web client URL.
The web server authenticates the user and passes the username to the Siebel Web Server Extension (SWSE).
The SWSE retrieves the trust token from its configuration file...