Use the server administration interface to establish cross-server
communication between Jazz technology
platform products that are registered with separate Jazz® Team Servers. You can then associate project
areas and team members can link artifacts in applications on friend
servers.
Before you begin
Use this procedure to add the location information for each Jazz application, create a provisional OAuth consumer key, and send a request to the friend
application.
Note: When Jazz Security Architecture single sign-on (SSO) authentication is enabled and the friend applications are registered with the same Jazz Authorization
Server, use this procedure only to add the location information for each Jazz application. In such a deployment, instead of using OAuth consumer keys, the friend relationship is established by using the OpenID Connect (OIDC) authentication protocol. OIDC authentication is simpler than OAuth authentication because no OAuth consumer key is involved and therefore, no approval of a provisional consumer key is required.
Procedure
- Log in to the Jazz server
by using an account that has Jazz Administrator
privileges. Typical URLs for some Jazz technology
platform products are:
- IBM® Engineering Workflow Management:
https://host-name:9443/ccm/admin
.
- IBM Engineering Test Management:
https://host-name:9443/qm/admin
.
- Jazz Team Server and IBM Engineering Requirements Management DOORS® Next:
https://host-name:9443/jts/admin
.
- IBM Engineering Lifecycle Optimization Engineering Insights:
https://host-name:9443/relm/admin
.
- On the Server Administration page,
click the Server tab.
- If the friend application is registered with a different Jazz Team Server
than the current application, do the following steps to add the server to each other
whitelist.
- In the Communication section, click Whitelist
(Outbound).
- In the Enter Base URL field, enter the base URL of the fiend
application server that you want to link to, followed by a /.
For example, URL for Jazz
technology platform product is:
htpps://host-name:9443/
- Click Add.
- Repeat the Step a to c in the friend applications to add the current server to their
application whitelist.
- In the Communication section of the source application, click Friends
(Outbound).
- At the Friends List, click Add.
The Add Friend window opens.
- In the Name field, enter a name
to identify the friend application; for example:
RM Server
or QM
Server
.
- At the Root Services URI field,
enter the URI for the application. Typical Root Services URIs for Jazz technology platform products
are:
- Jazz Team Server:
https://host-name:9443/jts/rootservices
.
- Engineering Workflow Management:
https://host-name:9443/ccm/rootservices
.
- Engineering Test Management:
https://host-name:9443/qm/rootservices
.
- DOORS Next:
https://host-name:9443/rm/rootservices
- IBM Engineering Requirements Management DOORS :
https://host-name:9443/dwa/rootservices
- Engineering Insights:
https://host-name:9443/relm/rootservices
- Optional: In the OAuth Secret and Re-type
Secret fields, enter an OAuth secret code phrase to associate
with the new OAuth consumer key. This string can contain one or more
words and special characters, and cannot exceed 50 characters. This
string is never displayed in the user interface, and you do not enter
this string again. This string, also called an OAuth consumer secret,
acts as a password to access the friend server.
Note: These fields are displayed only if you are configuring OAuth friends. If one or both of the friend applications have Jazz Security Architecture SSO enabled and are registered with the same Jazz Authorization
Server, the
fields are not displayed.
- Optional: Select the Trusted check
box.
Notes:
- This check box is displayed only if you are configuring OAuth friends. If one or both of the friend applications have Jazz Security Architecture SSO enabled and are registered with the same Jazz Authorization
Server, this
check box is not displayed.
- Trusted consumers can share authorization with other trusted consumers
and do not require user approval to access data.
- Click Create Friend. A confirmation
message opens. Click Next to continue.
- Optional: Create a provisional OAuth consumer
key.
Note: If one or both of the friend applications have Jazz Security Architecture SSO enabled and are registered with the same Jazz Authorization
Server, these fields
are not displayed.
- Click the link Grant
access for the provisional key. If you do not have administrator
permissions on the targeted application server, work with a member
of that administrator group to get approval for provisional OAuth
consumer keys.
- In the Authorize Provisional Key window,
click Approve and Finish.
- On the Server tab, select the Consumers
(Inbound) page.
- In the Authorized Keys list,
click Edit Consumer icon in
the Actions column at the authorized key for the application you just
added.
- In the Edit Consumer Key Properties window,
click Select User and enter the user ID for
the authorized administrative user.
- Click Finish.
- Optional: To verify that the friends list is
configured correctly, you can enter the following URLs:
https://host-name:9443/jts/friends
https://host-name:9443/ccm/friends
https://host-name:9443/qm/friends
https://host-name:9443/dm/friends
https://host-name:9443/relm/friends
An XML document opens with an entry that is similar to the
following example. The entries vary depending on which friends are
added.
<jd:Friend>
<jfs:internal>false</jfs:internal>
<jd:rootServices rdf:resource="https://host-name:9443/rqm/rootservices"/>
<dc:title>Test%20server</dc:title>
</jd:Friend>
<jd:Friend>
<jfs:internal>false</jfs:internal>
<jd:rootServices rdf:resource="https://host-name:9443/rdm/rootservices"/>
<dc:title>Requirements%20server</dc:title>
</jd:Friend>
What to do next
If you did not complete the access approval in step 10.a., you
can now approve access requests. When access is approved,
you can link between project areas.