When a non-secure (HTTP) connection is used between the IBM® Rational® Requirements Composer server and Jazz® Team Server you might see "timestamp_refused" errors in the Jazz Team Server server log. These entries might be included when the server is under high load. The entries also might be recorded when the Jazz Team Server and Rational Requirements Composer servers are on different computers and the clocks on the two computers are not synchronized within a second. Using HTTP creates the potential for security breaches. This problem does not occur when using a secure connection (HTTPS) between Rational Requirements Composer and Jazz Team Server.
Rational Requirements Composer users are unable to use the client when the OAuth tokens expire unexpectedly. Administrators are unable to complete server setup. OAuth error messages and
400 Bad Request messages are displayed at the top of the Rational Requirements Composer web client or setup page.
Resolving The Problem
To address the OAuth problem during setup, synchronize the clocks on the Jazz Team Server and Rational Requirements Composer server to be within one second.
To prevent potential problems for Rational Requirements Composer users who work under a high server load, increase the OAuth nonce tracking period on the Jazz Team Server admin page. To increase the OAuth nonce tracking period:
- In your web browser open http://server:9080/jts/admin#action=com.ibm.team.repository.admin.configureAdvanced
- Find the OAuth nonce tracking period (in seconds) property.
- The default value is
5seconds. Increase this value to
- Click Preview in the top right corner of the
- Click Save in the top, right corner of the page.
16 June 2018