This illustration shows four components of a hypothetical directory-based application security deployment:

An arrow points from the directory access control policies in the Directory Store to the Directory Server Instance. This arrow indicates that the directory access control policies are enforced by the Directory Server Instance.

Within the Directory Store, an arrow points from the directory access control policies to application policies stored in the directory. This arrow indicates that the directory access control policies govern administrative control over application policies stored in the directory.

Two sets of arrows point from elements in the Directory Store to elements in both Application 1 and Application 2.

Finally, within both Application 1 and Application 2, an arrow points from application resources and operations to the application itself. This arrow indicates that these application resources and operations are accessed through the respective application.