How to limit access permissions of teamserver.properties to the minimum required ?
Since teamserver.properties contains JDBC password to connect to DB2, customer would like to limit access permissions of teamserver.properties to the minimum required to meet their security policy.Which user (in terms of "user account" on a working RTC system) should have read/write access to the teamserver.properties file, in order to make RTC as a system work properly (the expected answer here is something like, "the user account which runs/owns the JTS process", or "all user accounts who have access to the designated RTC server", etc.) ?
Customer has no plan to user additional middleware such as LDAP,
Customer has no plan to user additional middleware such as LDAP,
4 answers
Not sure how your authentication mechanism is set for CLM applications, but users generally don't need access to the server itself. The user ids resides on the repository which is used for authentication mechanism, like LDAP, WAS federated repository or Tomcat registry. So, basically you create the users in those repositories and not at OS level unless you are using Operating system security with your application server.
Moreover, the JDBC password is encrypted in the teamserver.properties file and it is a good practice to take backup of the configuration data (specially <CLM_Installation_root>/server/conf) periodically.
Moreover, the JDBC password is encrypted in the teamserver.properties file and it is a good practice to take backup of the configuration data (specially <CLM_Installation_root>/server/conf) periodically.