Defining Administrative User
A key task to configuring security for FSA is defining the proxy administrative user. The proxy administrative user is required to enable cache communications between the proxy and the host Integrity Lifecycle Manager server. The proxy administrative user must be a valid user in the authentication realm and can be set to an actual user on the system.
The proxy administrative user is defined by modifying the following properties in the installdir/config/properties/is.properties file:
mksis.proxy.default.adminUser
mksis.proxy.default.adminPassword
mksis.proxy.<serverAlias>.adminUser
mksis.proxy.<serverAlias>.adminPassword
For more information on is.properties, see “Configuration Management FSA Properties”.
The proxy administrative user should have a restricted set of ACL permissions. All permissions should be denied except for
Login,
OpenProject,
FetchRevision. These permissions can be set globally or only for the projects to be accessed through the proxy. For more information on ACLs, see
“Access Control Lists for FSA”.