Configuring authentication and authorization
Authentication and authorization require different kinds of configuration.
Two objects are required to map a directory service's naming context or namespace (a set of names accessible at a given node in the directory server's tree of accounts), to a FileNet® P8 realm:
- On the Java EE application server, you set up authentication by configuring the application server's LDAP/authentication parameters that point to a naming context in one of the supported directory servers. (These could optionally point to an SSO solution.)
- Using Administration Console for Content Platform Engine's Directory Configuration Wizard, you then configure authorization by creating a directory configuration object that points to the directory service.
The following graphic shows the different configurations for authorization and authentication, for a single FileNet P8 domain:
FileNet P8 supports multi-realm authentication provided the application server supports it.