If the same people use IBM® Business Process Manager and Enterprise Content Management, you might be able to use single sign on to allow them to access both systems with a single log on ID.
About this task
For general information about application security for IBM BPM, see Understanding elements of application security and WS-Security specification.
For an introduction to SSO, see Single sign on.
Procedure
- Where you set up the Enterprise Content Management server configuration, there is a check box labelled Always use connection information specified here, which is selected by default. If you want to use single sign on, you must clear this check box. When that check box is not selected, the IBM BPM system uses individual user IDs for authentication and projects the identity to the Enterprise Content Management server. For more information about authentication between IBM BPM and the Enterprise Content Management server, see Authentication scenarios for the Enterprise Content Management server.
- When a Content Integration step-type is called from a Human Service or Coach, the outbound JAX-WS call is done using the current user, rather than the user specified in the configuration settings for the Enterprise Content Management server. For technical details of how calls are routed when you are using SSO or the WS-Security UsernameToken authentication mechanism, see [topic to come].
- Configuring cross-cell security for IBM BPM and IBM Case Manager provides detailed instructions that you can apply to enable single sign on if you are using an IBM Enterprise Content Management server.