Configuring authentication and authorization

Authentication and authorization require different kinds of configuration.

Two objects are required to map a directory service's naming context or namespace (a set of names accessible at a given node in the directory server's tree of accounts), to a Content Cortex realm:

On the Java EE application server, you set up authentication by configuring the application server's LDAP/authentication parameters that point to a naming context in one of the supported directory servers. (These could optionally point to an SSO solution.)
Using Administration Console for Content Platform Engine's Directory Configuration Wizard, you then configure authorization by creating a directory configuration object that points to the directory service.

The following graphic shows the different configurations for authorization and authentication, for a single Content Cortex domain:

Authorization and authentication configurations for a single Content Cortex domain.

Content Cortex supports multi-realm authentication provided the application server supports it.