During installation, Design Management security is enabled by default and all security is provided through the Jazz Team Server. When you install Design Management Server, you do not have the option of setting different levels of security, but you are presented with different levels of access, depending on the Design Management license, project membership, and project roles.
Design Management runs on an application server. If you use Apache Tomcat, basic security is enabled by default; however, if you use WebSphere Application Server, you must explicitly configure a security mode, usually through Lightweight Directory Access Protocol (LDAP). WebSphere Application Server has explicit LDAP settings, and during the installation of the Jazz Team Server, the initialization of the main administrator user ID enables the LDAP server to be configured. Security between the web client and server is handled through the standard HTTPS secure protocol.
With the exception of the Apache Derby database, external databases require a password for the database administrator that is defined when the connection to that database is specified during the Jazz Team Server setup process. Verification is possible by running the Jazz Team Server diagnostics.
All security settings apply to silent installations as well.
Applications such as Design Management that are installed on the same Jazz Team Server use the same authentication mechanism (OAuth protocol); access controls are standard capabilities that are provided by the Jazz Team Server.
Single sign-on and a common user ID and password are handled by using delegated authentication to a common set of user IDs and passwords that are provided by the Jazz Team Server.
When an application requires an internal ID, the application uses a standard formatted internal ID that is common to all applications running on the Jazz Team Server. For example, for Design Management, the internal ID that is common to all applications is the dm_user internal user and the Design Management application internal license.
The Design Management application uses the standard HTTPS secure protocol.
A Design Management user ID is specified when the user account is created, and the default assigned password is the same as the user ID. You can use the Jazz Team Server administration pages to change user IDs and related passwords.
If you encounter problems, error messages typically provide a description of the issue and might also contain an explanation and suggested user actions. The Jazz Team Server and the Design Management Server log files contain more detailed information about the error.
With the proper permissions, you can create and delete user IDs by using the Jazz Team Server administration pages. When a project area is created, user IDs can be designated as members of that project and be assigned roles; however, only a project administrator can perform these actions. When you set up user roles and access for the Configuration Management Application server, access restrictions are added at the configuration space level (each Design Management project belongs to one configuration space) to restrict users from creating and modifying configurations in that space. Also, on the Configuration Management Application server, an administrator can specify access controls for users on each configuration, if necessary.
This software offering does not use cookies or other technologies to collect personally identifiable information. For additional information about cookies, see the Notices topic.