The primary servers in FileNet® P8 are Content Platform Engine.
The following subtopics describe how these servers perform authentication.
- Content Platform Engine authentication
architecture
The next figure shows a high-level view of a Content Platform Engine server and some of
the types of client applications that access it. Content Platform Engine is packaged as a Java
EE application, deployed on one or more Java EE application server
instances. The key components of this application are:
- The Content Platform Engine Web
Service listener. This listener is packaged as a servlet-based application
that resides in the Web container of the application server. The listener
implements the Content Platform Engine Web
service and supports FileNet P8 Web
service clients. The listener exposes the full functionality of the Content Platform Engine server through a standard
Web services API. Requests that arrive at this Web service are authenticated
based on the credentials in their WS-Security headers, and then passed
on to the Content Platform Engine EJB
layer.
- The Process Engine Web Service
listener. This listener is packaged as a servlet-based application
that resides in the Web container of the application server. The listener
implements the Process Engine Web
Services API and supports FileNet P8 Web
service clients. The listener exposes a subset of functionality that
is in the Process Engine Java
API. Requests that arrive at this Web service are authenticated based
on the credentials in their WS-Security headers, and then passed on
to the Process Engine EJB layer.
- The Content Platform Engine EJBs.
These Java EE session beans reside in the EJB tier of the application
server and implement the same Web services API as the Content Platform Engine Web Service, exposing
them through an Enterprise Java Bean interface, rather than a Web
services interface. All clients of this EJB layer must perform a JAAS
login prior to sending a request to one of the EJBs.
- The JAVA API. Process Engine applications
can have a JAVA and a WSDL to a Process Engine Web
Services API for use in their own web services client framework.
- The core content management logic resides in the resource adapter
tier of the application server.
- The Process Engine EJBs are
EJB 3 which reside in the EJB tier of the application server. A Process Engine client application can
use the same Java API to connect to Process Engine via EJB or HTTP. The HTTP
transport however only accepts Username/Password as the main authentication
mechanism.
The Web Service Listener and EJB layers are referred to as
the two transport layers of Content Platform Engine.
All client requests enter Content Platform Engine through
one of these two transport layers, which include the previously separate Process Engine listener layer and EJB
layers. The Process Engine EJB
layer includes a number of EJB 3 for the Process Engine API and other supporting
components, such as Case Analyzer.
