Setting up DXL security

You can increase security by controlling how DXL is used in the database. You can control whether all users can run and edit DXL scripts, and also restrict which types of DXL scripts can be run.

Before you begin

Open the database properties. For more information see Configuring the DOORS database.

To use the DXL security function, you must be using a IBM Engineering Requirements Management DOORS (DOORS) 9.3 or later database server, and the server must be configured to exclude DOORS 9.0, 9.1, and 9.2 clients. To exclude these clients, set the minimum client version on the Login Policy tab of the database properties to 9.3.

Procedure

  1. On the Database Properties window, click the DXL Security tab.

    When you don't select any of the options in Edit DXL and Additional DXL Restrictions panes, there are no restrictions on running and editing DXL. To enable DXL restrictions, you must select the options in both of these panes.

    • To control whether users can run and edit DXL, select or clear Only users with Edit DXL power may edit and run DXL. If you select the check box, you can determine which users can run and edit DXL on the General tab of the New/Edit Users window. If you clear the check box, all users can run and edit DXL without restrictions. You must log in to the database as an administrator user to control this settings.
      • If you select Only users with Edit DXL power may edit and run DXL option, users with the "Edit DXL" power can run DXL with no restrictions.
      • If you select Disable batch mode for users without Edit DXL powers option, users without "Edit DXL" power cannot run any DXL.
      • If you do not select Disable batch mode for users without Edit DXL powers option, users without "Edit DXL" power can only run DXL files under the DXL restrictions specified.
    • To restrict which types of DXL scripts can be run, use the fields on the Additional DXL Restrictions pane. Type the path to a DXL addins folder in the appropriate field, and the path to a batch file folder, and then select the Enable DXL Restrictions option. All the fields are controlled by selecting or clearing the Enable DXL Restrictions check box.
      Important: The paths specified are exceptions.

      For example, Disable absolute batch file path except the path specified in Batch files path field.

      You must log in to the database as an administrator user to control this setting.

  2. Click OK.

Feedback