Configuring authentication and authorization

Authentication and authorization require different kinds of configuration.

Two objects are required to map a directory service's naming context or namespace (a set of names accessible at a given node in the directory server's tree of accounts), to a FileNet® P8 realm:

• On the Java EE application server, you set up authentication by configuring the application server's LDAP/authentication parameters that point to a naming context in one of the supported directory servers. (These could optionally point to an SSO solution.)
• Using Administration Console for Content Platform Engine's Directory Configuration Wizard, you then configure authorization by creating a directory configuration object that points to the directory service.

The following graphic shows the different configurations for authorization and authentication, for a single FileNet P8 domain:

FileNet P8 supports multi-realm authentication provided the application server supports it.