A Content Platform Engine logical group whose members are any
authenticated user principal. Any user account that can successfully log in belongs to this
group.
- #AUTHENTICATED-USERS
#AUTHENTICATED-USERS is similar to the special group Authenticated
Users in Windows 2000. It does not have specific memberships
that you can modify, and it does not include anonymous users or guests.
If
you specify #AUTHENTICATED-USERS to be a default user or group of
an object store, then all users who log in to the
FileNet P8 domain are automatically
made members of this group. It will appear on the Default Instance
Security ACL of all classes. Therefore each instance of the class
will include #AUTHENTICATED-USERS on its own ACL. If you do not change
the default, the net effect will be that any user who can log in to
the
FileNet P8 domain
will be able to:
- View all object stores (default level = Use stores and
services)
- View all folders (default level = View properties)
- View all documents, both properties and content (default level
= View content)
- View all custom objects (default level = View properties)
If this is not what you want, you could:
- Remove #AUTHENTICATED-USERS from the particular class or classes.
(You can, of course, remove it from individual objects, but this is
not a recommended method for efficiently administering security across
many classes and objects.)
- Add deny groups to the class Default Instance
ACL; this will effectively remove the members of the deny group from
the #AUTHENTICATED-USERS group.
- Use a non-security method such as exploiting the IsHiddenContainer property
which applications use to hide a folder.
#AUTHENTICATED-USERS and #CREATOR-OWNER are referred
to as Special accounts in the Administration Console for Content Platform Engine Select Users
and Groups dialog box.