Cross-server communication: supposed to also allow automatic access of linked work item?
In order to take advantage of cross-server communication, I did all the setup as described here
https://jazz.net/help-dev/clm/index.jsp?topic=%2Fcom.ibm.help.common.jazz.calm.doc%2Ftopics%2Ftservertoserverestablish.html
and then linked my local project area with the target server's project area, as described in the related article "Linking between project areas" (https://jazz.net/help-dev/clm/topic/com.ibm.help.common.jazz.calm.doc/topics/t_calm_link_projects.html).
I created a test work item on my local repository (myServer), then was able to successfully link a "Related Change Request" on that work item to a work item on the target "friended" server (friendServer).
But I wanted to test this scenario: a user who has access to that myServer can bring up the linked related change request on friendServer. This user does not have a profile on friendServer; he only has a profile on myServer.
Does cross-server communication not allow this? I was hoping that setting this up would avoid the need to create user profiles on the target, friended server, but that doesn't seem to be true.
https://jazz.net/help-dev/clm/index.jsp?topic=%2Fcom.ibm.help.common.jazz.calm.doc%2Ftopics%2Ftservertoserverestablish.html
and then linked my local project area with the target server's project area, as described in the related article "Linking between project areas" (https://jazz.net/help-dev/clm/topic/com.ibm.help.common.jazz.calm.doc/topics/t_calm_link_projects.html).
I created a test work item on my local repository (myServer), then was able to successfully link a "Related Change Request" on that work item to a work item on the target "friended" server (friendServer).
But I wanted to test this scenario: a user who has access to that myServer can bring up the linked related change request on friendServer. This user does not have a profile on friendServer; he only has a profile on myServer.
Does cross-server communication not allow this? I was hoping that setting this up would avoid the need to create user profiles on the target, friended server, but that doesn't seem to be true.
Accepted answer
Expecting that users in one repository could access work items ( via relationships ) in a second repository without membership runs counter to the RTC security model.
Projects are configured by default ( at creation time ) to allow readonly to members of the project hiearchy. It is possible to allow read only to all members of the repository, but that still implies that user sitting at the controls can authenticate and has authorization. It is also possible to allow "self registration" to a repository whereby an ID with some miniumum access is granted upon successful login. But that would also be constrained further by Project access controls.
Said another way: There's really no magic in friend relationships beyond making things more easily "found".
Projects are configured by default ( at creation time ) to allow readonly to members of the project hiearchy. It is possible to allow read only to all members of the repository, but that still implies that user sitting at the controls can authenticate and has authorization. It is also possible to allow "self registration" to a repository whereby an ID with some miniumum access is granted upon successful login. But that would also be constrained further by Project access controls.
Said another way: There's really no magic in friend relationships beyond making things more easily "found".