Siebel CRM and URL Based Authentication

Remember this one?

http://myserver/callcenter_enu/start.swe?SWECmd=ExecuteLogin&SWEUserName=NotSADMINPlease&SWEPassword=yourpasswordincleartext

If you - for whatever reason - use URL-based authentication to load Siebel CRM application content in a browser or iframe then you should strongly consider reading Oracle Support Document 1496603.1 (Removing URL-Based Authentication in Siebel CRM).

In this document, Oracle recommends their customers to refrain from using the obviously insecure authentication via clear-text URL arguments (SWEUserName and SWEPassword). As a transitional solution, customers can add the EnableURLCredentials parameter to the eapps.cfg file (and set it to TRUE) to allow URL-based authentication.


However, Oracle plans to remove any support for URL-based authentication (and the aforementioned parameter) "following the release of Innovation Pack 2013".

So with IP 2014 around the corner, it's time to think about alternatives such as Single-Sign-On or Web Services Security.

Are you affected by this change? Please share your thoughts in the comments.

have a nice day

@lex

תגובות

הוסף רשומת תגובה

פוסטים פופולריים מהבלוג הזה

SBL-BPR-00191: The rowId of the active row of the primary buscomp '%1', '%2', does not match the Primary Id

Applies to: Product Release: V7 (Enterprise) Version: 7.5.3 [16157] ESN Database: Oracle 9.2.0.2 Application Server OS: Microsoft Windows 2000 Server SP 3 Database Server OS: Microsoft Windows 2000 Server SP 3 This document was previously published as Siebel SR 38-1386997031. Symptoms SBL-BPR-00191 We have a error with a workflow. This WF is excuted by policy when a particular activity is closed. The WF Business Object is 'Action'. Inside this WF, there is a subprocess that invokes a Business Service that creates a new activity. In a second subprocess, the region Id of this new activity is updated using the standar update method funcionality of Siebel workflow process. Error processing Siebel Operation for: Business Object 'Action' Business Component 'Action' Primary Id ''1-5NEI6' Operation 'Insert'(SBL-BPR-00100) -- The rowId of the active row of the primary buscomp 'Action', '1-4SNCV', does not match the Prima
המשך לקרוא

Profile Attributes and Open UI

תמונה
Yes, Profile Attributes! As the ever attentive, up-to-date Siebel CRM expert that you are when you read this, you know that in Siebel Open UI (since version 15), it is no longer allowed/supported to  set  Profile Attributes from browser-side script. But  getting  them is not a problem, since the  GetProfileAttr  function works perfectly fine. Recently I found a few vanilla Profile Attributes that came quite handy in my work in Open UI JavaScript: Navigation Type : stores the navigation type such as "NAVIGATION_TAB" ActiveViewName : does what it says on the tin IsOpenUI : returns "1" when the application runs in Open UI Is SUI Theme : when "TRUE", the application theme is Synergy (aka SUI) Position:  returns the currently active position Primary Responsibility Name : guess what this one is… Profile Image : returns the URL of the user's profile image Org.Name : returns the name of the user's organization Here's a sample line of
המשך לקרוא

FINS Data Transfer Utilities

תמונה
The best thing while working on siebel is you are never short of options. Recently we had requirement of updating a Service request from contact. Finally we did that using "EAI Siebel Adapter" business service. However during that time i came across another business service "FINS Data Transfer Utilities" popularly known as DTU business service. As i was not having prior knowledge of it going by the rule of not learning swimming lessons while drowning i decided not to go for it. Lately i have tried to explore this service and trust me it can do wonders. Here is a sample example update of Service Request from contact. We need to follow below steps in order to understand strength of this business service. 1 - Navigate to Site Map. Go to Administration - Application -> Data Map Administration tab. Create a new Record with following options: Name: Service Request Test Source Business Object: Contact Destination Business Object: Service Request Here the source business
המשך לקרוא