Configuring DOORS for server security
Server security tasks are handled by interoperation servers. When server security is enabled, the server environment must have three main parts: a DOORS database server, an ActiveMQ message broker, and at least one DOORS interoperation server.
To enable server security, you must walk through the following methods:
- Authentication methods
- Configuring and running
Authentication methods
Authentication method | Description |
---|---|
Username and password |
The server verifies the username and encrypted password that is provided by the client. |
User keys |
The server identifies the user by checking user key mappings with its distinguished name (this information is stored inside the client's certificate). To be able to use this method, all of the DOORS users must be mapped to their corresponding keys, and when they start the client, the correct certificate must be used. For example, assume that there is a standard DOORS user named test42. To able to use this method, the system administrator must generate a unique certificate for this user with their information, including a distinguished name (for example: TEST42). Then, the DOORS manager needs to map the test42 user to its certificate by using the distinguished name (this can be done by adding a user key like DN=TEST42). After this mapping configuration, the test42 user can start their DOORS client with this certificate using -certName <label> in the DOORS desktop shortcut, connect to the DOORS database server, and work as usual. |
Username and password and user key |
The server first does the same operations for user keys and then for username and password. |
- If you are using the Rational® Directory Server, you can use only the username and password method.
- Two-factor authentication is not currently supported with server security.