It's all about the answers!

Ask a question

How to limit access permissions of teamserver.properties to the minimum required ?


BALOUIN Céline (111) | asked Jun 03 '13, 4:39 a.m.
Since teamserver.properties contains JDBC password to connect to DB2, customer would like to limit access permissions of teamserver.properties to the minimum required to meet their security policy.Which user (in terms of "user account" on a working RTC system) should have read/write access to the teamserver.properties file, in order to make RTC as a system work properly (the expected answer here is something like, "the user account which runs/owns the JTS process", or "all user accounts who have access to the designated RTC server", etc.) ?
Customer has no plan to user additional middleware such as LDAP,

4 answers



permanent link
Sandy Grewal (1.6k1223) | answered Jun 03 '13, 8:39 a.m.
JAZZ DEVELOPER
The teamserver.properties access(read and write) is needed by the UserId that is running the RTC process, other than that technically no one else needs access to it.

permanent link
VK L (8177157159) | answered Jun 03 '13, 5:17 a.m.
 RTC/Infrastructure Administrators can have access to this file.

Thanks.

permanent link
Indradri Basu (1.8k1514) | answered Jun 03 '13, 5:23 a.m.
edited Jun 03 '13, 6:05 a.m.
Not sure how your authentication mechanism is set for CLM applications, but users generally don't need access to the server itself. The user ids resides on the repository which is used for authentication mechanism, like LDAP, WAS federated repository or Tomcat registry. So, basically you create the users in those repositories and not at OS level unless you are using Operating system security with your application server.
Moreover, the JDBC password is encrypted in the teamserver.properties file and it is a good practice to take backup of the configuration data (specially <CLM_Installation_root>/server/conf) periodically.

permanent link
BALOUIN Céline (111) | answered Jun 04 '13, 4:31 a.m.
Thanks to all of you for your answers, very helpfull. I really appreciated !

Your answer


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.