Authentication and authorization require different kinds of configuration.
Two objects are required to map a directory service's naming context or namespace (a set of names accessible at a given node in the directory server's tree of accounts), to a FileNet® P8 realm:
The following graphic shows the different configurations for authorization and authentication, for a single FileNet P8 domain:
FileNet P8 supports multi-realm authentication provided the application server supports it.