Authorization

When authentication is enabled in FTL, all users of administrative clients, FTL clients and FTL servers must belong to certain groups to participate in the FTL realm. This requirement is always enforced when authentication is enabled, in order to separate unprivileged FTL clients from privileged FTL servers and administrators.

For details on these required groups, see FTL Server Authorization Groups. For information on how to map groups in your authentication service to FTL-specific groups, see Mapping Authorization Groups.

In addition, you may optionally enable fine-grained authorization checks for the following resources:

Destinations
Persistence clusters
Persistence stores
eFTL channels

See Permissions and Configuring Permissions for more information on fine-grained permissions. See Enforcing Permissions for the effect of fine-grained permissions on client programs.

Did you find this helpful?

Yes No