Security administrators and security tools
Working with security requires several administrative accounts and a number of different tools.
FileNet® P8 provides several important security roles:
- Global configuration database (GCD) administrators (gcd_admin) create FileNet P8 domain resources like object stores and fixed content devices.
- Object store administrators (object_store_admin) create file storage areas, classes, folders, security policies and other object store resources. The GCD administrator is not automatically also an object store administrator, although GCD administrators can grant themselves this additional role.
- Application Engine administrator sets up Workplace and Workplace XT site preferences.
FileNet P8 provides the following tools for configuring security:
- Administration Console for Content Platform Engine
- This is the tool that system administrators will use in their daily work. Administration Console for Content Platform Engine gives system administrators easy access to most of the administrative and security features needed for Content Platform Engine security configuration tasks, including assign access rights to workflow rosters, work queues, and user queues.
- Workplace and Workplace XT, and related applications (Application Integration, IBM® Enterprise Records, IBM FileNet eForms for P8)
- The security context for applications is defined and maintained by a combination of Content Platform Engine, and Workplace or
Workplace XT. Consider the following examples:
- Object security (documents, folders, custom objects, events) is maintained by Content Platform Engine.
- Workplace and Workplace XT maintain their own configuration settings in their site preferences, which can be considered a security feature because they determine such things as whether a user can see certain types of documents. Site preference for Default Access Roles determines the members of such roles as Application Engine Administrators, PSConsole, PSDesigner, PWAdministrator, PWConfiguration, and PWDesigner.
- Workplace and Workplace XT also make use of rosters, queues, and other workflow-related objects that are created and maintained as a part of Content Platform Engine security.