Dear Kristina
at the time being, the Knowage security system is very similar to SpagoBI's one, therefore you can have a look at SpagoBI documentation:
for authentication:
http://wiki.spagobi.org/xwiki/bin/view/spagobi_server/sso#HHowtoenableSSO
for authorization:
http://wiki.spagobi.org/xwiki/bin/view/spagobi_server/User+Management_v3
Summary: you have to implement some Java classes, deploy them (with their dependencies) into Knowage wars and configure them. SsoServiceInterface.readUserIdentifier is in charge of retrieving the user id from SSO system, ISecurityServiceSupplier.createUserProfile is in charge of retrieving the roles and attributes of the user; SsoServiceInterface.readTicket and SsoServiceInterface.validateTicket methods are in charge of securing the SOAP backend services.
Note: the Knowage security mechanism is going to change with the next release, the main change is that you'll need to protect with SSO only the Knowage core application, while at the moment you need to protect ALL Knowage applications (core + external engines).
Hope this helps
Cheers