How to set user password
HI ALL,
I create a user ,but I don't know how to set password? who can help me? |
11 answers
I've got the same question - I feel like I must be missing something.
|
It will depend on the authentication implementation you have configured
in your application server. If you are using the Out-of-the-box tomcat based server found in the JazzTeamServer-<TAG>.zips then that is configured to use tomcats simple xml file based authentication lookup. You can add or edit your users and passwords in the tomcat-users.xml found in this directory: jazz\server\tomcat\conf If you have something else configured then you need to talk to whoever set it up in the first place (Administrator ?). Richard Jazz WebUI and Server Development ericlee wrote: I've got the same question - I feel like I must be missing something. |
|
I did following step :
In the Members section ,Press the Create button. On the User Information page enter the name, user id, and email address. but the step don't set password. I use the password "ADMIN" to login. but I don't how to change? and I open the file tomcat-users.xml .The file havn't new created user. I don't setup anything on server. |
wangwyu@cn.ibm-dot-com.no-spam.invalid (openeis) wrote in news:fn6jrf$dn0$1
@localhost.localdomain: I did following step : Hello Adding a user from the RTC client will add the user in the database, it will not modify the tomcat-user.xml (I believe) Then we need to add the same user in the tomcat user registry (tomcet- user.xml) When we log on, tomcat will check its own registry (tomcate-user.xml) and if the log in is ok, it will pass the credentials (userid/password) to the Jazz server. The jazz server will then check in its own database to understand if the user is a JazzAdmins, a JazzUsers or a guest So we have a double check 1) authentication challenge in the application server 2) retrieval of authorizations (roles) from the database Does it help ? -- Christophe Elek Serviceability Architect IBM Software Group - Rational |
|
I don't change tomcat-users.xml file .The new created user can login by rtc client .The new user is created following "The Jazz Tutorial/Creating a Project Area and Team Area/Sidebar: Creating Users and Process Areas"
So RTC doesn't have a double check.it only check "2) retrieval of authorizations (roles) from the database". If RTC must have a double check,I think it should be a defect. Which talbe store the user password in the database? |
|
wangwyu@cn.ibm-dot-com.no-spam.invalid (openeis) wrote in news:fnmbof$f0v$1
@localhost.localdomain: So RTC doesn't have a double check.it only check "2) retrieval of behave like this. For instance, if I do not secure IBM WebSphere Application Server, I just have to enter a name... nothing else, no password. But when you secure the application server, the credentials are checked against your user registry... and onyl then are you allowed... Do you consider securing the aplication server a 'bad idea' ? Meaning you can only access the server if you are challenged ? Which talbe store the user password in the database? I do not know. When I asked, I believe the answer was' it is in different linked tables'. What I know is thta repotools team is looking at the feature of 'adding users from the command line'. Is thta ok you think ? -- Christophe Elek Serviceability Architect IBM Software Group - Rational |
|
thanks a lot.
I missed the secure comments of guide .I think the secure comments is only for SSL.So I don't setup . |
|
I have a other question.
General Users(not administrator) must change password every month or three month in many companiess such as IBM . How to change password in RTC Client. |
|
wangwyu@cn.ibm-dot-com.no-spam.invalid (openeis) wrote in news:fns4b2$824$1
@localhost.localdomain: How to change password Hello, I would answer like this ...'it depends :) ' If you use LDAP to authenticate, then the user will only have to change the LDAP password. If you use your own 'user registry' (either in Tomcat or IBM WebSphere Application Server) then it also depends on the user registry... - If the user registry allows the user to connect and change the password, then business as usual (i.e a database with a client application to manage userid and password) - If the user registry is not available to user, then you should have a process to ask for a password change (that is obfuscated from the Admin who will do it of course) Then there is the issue of 'forcing a password change every month' - I believe LDAP servers support that, so do most OSes (in case you use the OS as a user registry) - For your own user registry, then you will have to invent a process Now, What is your concern ? I do not believe we store passwords in the Jazz database... So you would not need RTC client to change the password right ? Let meknow, maybe I missed the question... and if so , I apologize... -- Christophe Elek Serviceability Architect IBM Software Group - Rational |
|
According your comments ,I will try IBM LDAP(ITDS) authenticate in future.Now I only evaluate RTC for small test team.
If I solve the authenticate question , I will let my team members try business function. |
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.