Repository tools command to enable an ELM application for Jazz Security Architecture single sign-on
Use the migrateToJsaSso command to enable Jazz Security Architecture single sign-on (SSO) authentication for the Jazz® Team Server or specified IBM® Engineering Lifecycle Management (ELM) application that is registered with the server.
Before you begin
- Before you run the command, you must upgrade Jazz Team Server and any applications that will be enabled for Jazz Security Architecture SSO to version 6.0 or later. The upgrade must be complete and verified.
- This command applies to ELM applications that have repotools command scripts: Jazz Team Server, Change and Configuration Management, Data Collection Component, Global Configuration Management, Quality Management, Engineering Insights, and Requirements Management.
- The server must be offline when you run the command.
The migrateToJsaSso command is one of two repository tools commands that enables Jazz Security Architecture SSO authentication for ELM deployments. You run this command after the prepareJsaSsoMigration command is run for the Jazz Team Server and all ELM applications that will be enabled. Both commands must be run on the Jazz Team Server if any applications that are registered with the server are enabled for Jazz Security Architecture SSO. Not all applications must be enabled at the same time. However, the login experience is not a single sign-on process until all ELM applications that are registered with the Jazz Team Server are enabled.
The data file generated by running the prepareJsaSsoMigration command for the Jazz Team Server must be available when you run the migrateToJsaSso command for the ELM applications. If the ELM applications are deployed on different servers than the Jazz Team Server, the Jazz Team Server data file must be copied to the servers that host the ELM applications. All of the servers must be stopped before the migrateToJsaSso commands are run.
Purpose
You run the migrateToJsaSso command while the Jazz Team Server and ELM applications are offline. The command needs a data file that is generated by the prepareJsaSsoMigration command.
Parameters
| Attribute | Description | Required | Default |
|---|---|---|---|
| authServerURL | Root URL of the Jazz Authorization Server. | Yes | none |
| authServerUserID | Administrator user ID for the Jazz Authorization Server. | No Note: This parameter is required if the default ADMIN
user does not exist in the user registry that is configured for the
Jazz Authorization Server.
|
ADMIN |
| authServerPassword | Administrator password for the Jazz Authorization Server. | No Note: This parameter is required if the default ADMIN
user does not exist in the user registry that is configured for the
Jazz Authorization Server.
|
ADMIN |
| jtsSsoDataFile | Path to the data file created by the prepareJsaSsoMigration command that was run for the Jazz Team Server. | No | jts-ssoMigrationData.json |
| appSsoDataFile | Path to the data file created by the prepareJsaSsoMigration command that was run for this application. | No Note: This parameter should not be used when the command
is run for the Jazz
Team Server.
|
application-ssoMigrationData.json where application is ccm, dcc, gc, qm, relm, or rm |
| teamserver.properties | Path to the teamserver.properties file. | No | conf/application/teamserver.properties where application is jts, ccm, dcc, gc, qm, relm, or rm |
| logFile | Path to the log file. |
No |
repotools-application_prepareJsaSsoMigration.log where application is jts, ccm, dcc, gc, qm, relm, or rm |
Example
The following example is for Jazz Team Server. To use this command for a different ELM application, use the repotools script associated with that application. Table 1 describes each repotools script and the associated ELM application that it manages. The scripts are in the JazzInstallDir/server directory.
| Script | ELM application |
|---|---|
| repotools-ccm | Change and Configuration Management |
| repotools-dcc | Data Collection Component |
| repotools-gc | Global Configuration Management |
| repotools-qm | Quality Management |
| repotools-relm | Engineering Insights |
| repotools-rm | Requirements Management |
Open a command prompt and enter this command:
cd C:\Program Files\IBM\JazzTeamServer\server\ repotools-jts.bat -migrateToJsaSso authServerURL=https://hostname.example.com:9643/oidc/endpoint/jazzop
Open a command line and enter
this command:
cd opt/IBM/JazzTeamServer/server ./repotools-jts.sh -migrateToJsaSso authServerURL=https://hostname.example.com:9643/oidc/endpoint/jazzop