Configuring Jazz Team Server container authentication for Document Builder

You can set up a Jazz Team Server (JTS) to provide authentication for Document Builder.

Before you begin

A new or existing JTS using container authentication is required.

About this task

This type of authentication is supported on WebSphere® Application Server and WebSphere Application Server Liberty Profile . The Liberty server must be configured for https connections.

Note: When Document Builder is configured with JTS container authentication, if you are logged into Document Builder , you do not have to enter the data source credentials again when generating a document with data from any IBM Engineering Lifecycle Management (ELM) applications that use the same JTS . To take advantage of not having to re-authenticate, see the following details:
  • Document Builder must have the same domain as the JTS.
  • This type of authentication will also work for smart card or certificate authentication if the JTS is configured with client-cert authentication. Kerberos authentication is also supported.
  • The LTPA token life must be long enough that it does not expire before the document generation is completed. The default life is 2 hours. You can configure LTPA timeouts on your application server, for example in WebSphere Liberty , you can customize the server.xml for Engineering Lifecycle Management.
  • If the data source connection is to ELM application registered with another JTS, then you must provide connection credentials when generating a document.
  • Document Builder must operate in HTTPS mode, for example https://hostname:port/rpeng/)
  • This setting does not work for scheduled document generations.


  1. Log in to the JTS as an administrator at https://<server>:<port>/jts/admin.
  2. Go to Server > Configuration > Registered Applications.
  3. Click Add.
  4. In the Add Application window, enter the following information about your application:
    1. In the Application Name field, enter a unique name for the application.
    2. In the Discovery URL field, enter the URL to Document Builder, for example https://server:port/rpeng/scr.
    3. In the Consumer secret field, enter a consumer secret for the application that you are registering. JTS will automatically generate a consumer key.
    4. In the Functional User ID field, enter pub_user.
    5. Click Finish.
  5. Log in to Document Builder as an administrator.
  6. To administer the application, click Administration menu in the product banner.
  7. Select Administer from the drop-down menu.
  8. Click Runtime Variables tab.
  9. In the Runtime Variables tab, expand Authentication Switching, and click the Edit link.
  10. In the Authentication type drop-down list, select JTS Authentication.
  11. Click Save.
  12. If you get a confirmation dialog when you log in asking you to allow the Document Builder server to collaborate with the JTS, follow the steps in the Verifying that the report server is a trusted client on the Jazz Team Server section of the linked topic. Substitute the Document Builder server values for the report server.
    Note: Document Builder appears in the list of applications in the Jazz home menu.
    Generate Documents in menu