Configuring Jazz Team Server container authentication for Publishing Document Builder

You can set up a Jazz Team Server (JTS) to provide authentication for Publishing Document Builder.

Before you begin

A new or existing JTS using container authentication is required.

About this task

This type of authentication is supported on WebSphere® Application Server and WebSphere Application Server Liberty Profile . The Liberty server must be configured for https connections.

Note: When Publishing Document Builder is configured with JTS container authentication, if you are logged into Publishing Document Builder , you do not have to enter the data source credentials again when generating a document with data from any IBM Engineering Lifecycle Management (ELM) applications that use the same JTS . To take advantage of not having to re-authenticate, see the following details:
  • Publishing Document Builder must have the same domain as the JTS.
  • This type of authentication will also work for smart card or certificate authentication if the JTS is configured with client-cert authentication. Kerberos authentication is also supported.
  • The LTPA token life must be long enough that it does not expire before the document generation is completed. The default life is 2 hours. You can configure LTPA timeouts on your application server, for example in WebSphere Liberty , you can customize the server.xml for Engineering Lifecycle Management.
  • If the data source connection is to ELM application registered with another JTS, then you must provide connection credentials when generating a document.
  • Publishing Document Builder must operate in HTTPS mode, for example https://hostname:port/rpeng/)
  • This setting does not work for scheduled document generations.

Procedure

  1. Log in to the JTS as an administrator at https://<server>:<port>/jts/admin.
  2. Go to Server > Configuration > Registered Applications.
  3. Click Add.
  4. In the Add Application window, enter the following information about your application:
    1. In the Application Name field, enter a unique name for the application.
    2. In the Discovery URL field, enter the URL to Publishing Document Builder, for example https://server:port/rpeng/scr.
    3. In the Consumer secret field, enter a consumer secret for the application that you are registering. JTS will automatically generate a consumer key.
    4. In the Functional User ID field, enter pub_user.
    5. Click Finish.
  5. Log in to Publishing Document Builder as an administrator.
  6. To administer the application, click Administration menu in the product banner.
  7. Select Administer from the drop-down menu.
  8. Click Runtime Variables tab.
  9. In the Runtime Variables tab, expand Authentication Switching, and click the Edit link.
  10. In the Authentication type drop-down list, select JTS Authentication.
  11. Click Save.
  12. If you get a confirmation dialog when you log in asking you to allow the Publishing Document Builder server to collaborate with the JTS, follow the steps in the Verifying that the report server is a trusted client on the Jazz Team Server section of the linked topic. Substitute the Publishing Document Builder server values for the report server.
    Note: Publishing Document Builder appears in the list of applications in the Jazz home menu.
    Generate Documents in menu

    For more information, see the video Simplified Jazz Team Server authentication in Publishing Document Builder