When installing IBM® Rational® Integration Tester, you do not have to enable, select, or configure any security options.
If you select Active Directory or LDAP, authentication is specified by a user name and a password entered during the installation of Rational Test Control Panel. If you already have access to an Active Directory or LDAP environment, you can verify access to Rational Test Control Panel by logging into the environment and checking that you have access to pages in the application. This verification process can be extended to check whether you have standard or administrator privileges in Rational Test Control Panel.
IBM Rational Integration Tester Platform Pack includes an HTTP/TCP proxy, which includes SSL and a custom key pair/certificate for the HTTPS proxy. You can replace the certificate by updating the existing keystore that is referenced in the proxy’s configuration file or by using a new one as appropriate.
The IBM Rational Quality Manager adaptor of Rational Integration Tester, which is hosted within the IBM Rational Integration Tester Agent process, specifies that a user name and password must be used to connect to Rational Quality Manager. (The password in the configuration file can be encrypted by using the EncryptPassword program supplied with Rational Integration Tester.) The connection is usually over HTTPS but the exact configuration of the connection depends on the configuration of Rational Quality Manager.
In Rational Integration Tester, you can also define a number of connections to test management and defect management systems.
Rational Integration Tester and Rational Test Control Panel do not support single sign-on.
Rational Integration Tester processes and tasks can be run by any user with appropriate privileges to access the required files.
When installing Rational Test Control Panel and Rational Integration Tester Platform Pack on Microsoft Windows, IBM Installation Manager defaults to configuring Windows services to run Rational Test Control Panel and the HTTP/TCP proxy at startup but you can change this during installation. These services are executed using the Local System account. After installing the software, you can use the Windows Service Control Manager to modify or disable the services.
All communications with Rational Test Control Panel are plain HTTP on a default port of 7819. It is possible to change the port number. It is also possible to change the configuration to use SSL.
In Rational Test Control Panel, there is no concept of user groups: users are either normal users or administrators.
In Rational Integration Tester, there is no user creation or management. However, if Active Directory or LDAP permissions are enabled for a project, user management is controlled through Active Directory or LDAP.
Depending on the configurations that are deployed, this software offering might use cookies that can help enable you to collect personally identifiable information. For information about this offering’s use of cookies see the Notices topic.
Rational Test Control Panel Apache Ant tasks and REST interface do not require authentication, so actions that can be achieved by using this functionality are unsecure.
The built-in security functionality of Rational Test Control Panel stores the user names and passwords as hashes in a file for user authentication. Passwords for further remote access, for example, when configuring access to a Rational Integration Tester project results database, are stored obfuscated.
Rational Integration Tester project resources contain passwords used to access middleware and databases. These passwords are stored in an obfuscated form that could be reversed. Therefore, the accounts used should be limited to the minimum set of rights needed to interact with these resources for the purposes of test execution or virtualization of services that use them.