JAVA-based client authentication (JAAS) Content Platform Engine accepts
requests either through a standard Java EE EJB or through the Content
Engine Web service. Clients of the Content Platform Engine Java API have the option
of choosing to use either of these transport layers.
Single sign-on integrations via JAAS
The implementation of the Content Platform Engine server as a Java EE
application allows it to take advantage of integrations between the
Java EE application-server vendors and the leading single sign-on
(SSO) solution providers such as IBM's Tivoli Access Manager and CA/Netegrity's
SiteMinder. These are the two solutions that are currently qualified
for end-to-end FileNet® P8 deployments.
Web-Services-based client authentication via Ws-Security
Two WS-Security profiles, the Username Token profile and
the Kerberos profile, are supported by FileNet P8. Support for additional
standard profiles, as well as non-standard WS-Security compliant approaches,
can be integrated with FileNet P8 Web
services, using the FileNet P8 Web
Service Extensible Authentication Framework.
IBM Content Navigator authentication IBM® Content Navigator is
a web client that provides users with a web console for working with
content stored on IBM
FileNet Content Manager repositories.
Application Engine and Workplace authentication
The Application Engine server
hosts the Workplace Web
application, Workplace Java™ applets, workflow applets,
and application development tools. Application Engine is the presentation layer
for both process and content. A number of different components run
on Application Engine.
Kerberos for Content Platform Engine
Kerberos support is available to clients of the Content Platform Engine Web Services API, the Content Platform Engine .NET API, and the Content Platform Engine COM API. Many third-party
COM and Web-service-based applications are also available that can
take advantage of this Kerberos support.