Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Trusted consumers?

We're trying to understand the RTC-to-RTC integration capabilities of
RTC 2.0.0.2. In the Cross-server communication setup there is this help
text for the Trusted checkbox:

"Trusted consumers will be able to share authorization with other
trusted consumers and users will not be prompted for approval to access
data. It is recommended that external web sites or products are
considered as untrusted."

Say that there's a link from a work item in project 1 that links to a
work item in project 2. Does having "Trusted" checked mean that a user
authorized to project 1 can see info from project 2 without being
authorized to project 2?

Or does the cross-server communication just suppress a login to project
2 if the user exists in both projects?

I'm trying to understand exactly what are the security implications of
selecting Trusted.

0 votes



3 answers

Permanent link

 I am also interested in this. I don't really understand, what really changes in OAuth authentication if we check this "Trusted" checkbox?

0 votes


Permanent link
I'm interested in this too. Can someone please comment?

0 votes


Permanent link
Does anyone know how the RTC to RTC integration security works?


On 2/16/10 12:33 PM, Mark Ingebretson wrote:
We're trying to understand the RTC-to-RTC integration capabilities of
RTC 2.0.0.2. In the Cross-server communication setup there is this help
text for the Trusted checkbox:

"Trusted consumers will be able to share authorization with other
trusted consumers and users will not be prompted for approval to access
data. It is recommended that external web sites or products are
considered as untrusted."

Say that there's a link from a work item in project 1 that links to a
work item in project 2. Does having "Trusted" checked mean that a user
authorized to project 1 can see info from project 2 without being
authorized to project 2?

Or does the cross-server communication just suppress a login to project
2 if the user exists in both projects?

I'm trying to understand exactly what are the security implications of
selecting Trusted.

0 votes

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details

Question asked: Feb 16 '10, 1:38 p.m.

Question was seen: 5,087 times

Last updated: Mar 23 '18, 4:38 a.m.

Confirmation Cancel Confirm