Security considerations for Jazz Reporting Service

You can take actions to help ensure that your application is secure. You should also be aware of any security limitations that you might encounter with this application.

Report Builder: Advanced query editing considerations

You can edit the underlying SQL or SPARQL query for a report created in Report Builder. By default, advanced query editing is restricted to report managers. When granted, this privilege allows complete SQL query generation, along with informational error messages that disclose information about how to access the database. Because this type of information could be misused if divulged to non-privileged users, ensure that advanced query editing access is granted to trusted users only. For details on restricting database access, see the "Preventing unauthorized queries against the data warehouse data source" section of Managing data sources.

Viewing reports from IBM Engineering Lifecycle Management applications that run on a separate server

Report Builder pages cannot be embedded in a frame on a page that is hosted on a different domain. For example, in the Engineering Workflow Management application, go to Plans > Quick Planner > Iteration Planning > Team Progress > History Reports. If your Engineering Workflow Management application runs on a different server than Jazz® Reporting Service, the history reports are not shown. Administrators can configure secure domains so that you can access reports across different servers. For more information, read about Configuring secure access to reports that run on a separate server.

Lifecycle Query Engine and Link Index Provider: Resolving data spills by removing sensitive data

If an administrator removes sensitive data from an Engineering Lifecycle Management application that is registered with Lifecycle Query Engine, the change is indexed by Lifecycle Query Engine automatically. To immediately index the deletion, force an index update, and then compact the data. If you are using the Link Index Provider to manage configurations, perform the same steps on the LDX administration page.