Before the team starts using CTP, the admin needs to define users and access levels. If accounts are not set up and properly synched with CTP, only the admin account will be able to log in to CTP.
In order to set the access levels described in this section (admin, system, provision), you need to have one of the following installed:
- Parasoft Concerto 4.8.2 or later
- Parasoft DTP
- The separate pstsec.war (Parasoft User Administration) file alongside CTP
CTP and Parasoft Concerto
Parasoft Concerto does not currently support accessing SOAtest Server when access controls are required. If Concerto needs to access SOAtest Server, it will need to use a SOAtest Server that has access controls disabled.
About User Configuration
Every team member who will access CTP needs a user account. The level of access that each CTP user has depends on how that user account is configured.
You can define permissions on a per-user basis. Or, if you plan to have a common set of permissions shared across a group of users, you can define the permissions once in a user group, then simply assign users to that user group.
If you have Parasoft Concerto or Parasoft DTP installed, user configuration is performed in the User Administration module. To access this, browse to your team’s DTP interface, then choose User Administration from the top Administration menu.
If you are using the Parasoft User Administration module instead of Parasoft Concerto/DTP, ensure that it is installed and configured as described in Installing Parasoft User Administration.
Configuring CTP for User Authentication
You can access the controls for adding users or groups via the Administration> Security Configuration page, or by going directly to http://localhost:8080/pstsec/.
Adding a User Group
To add a user group with a defined set of permissions:
- Click Groups> Add New.
- Specify the group name and description, then click Save.
- Open the Permissions & Hierarchy tab that appears.
- Select the appropriate access level as described in Specifying Access Levels.
- When you are done adding permissions, click Save.
Adding a User
To add a specific user account:
- Click Users> Add New.
- Specify new user details (login and password are required), then click Save.
- Open the Permissions & Groups tab that appears.
- Do one of the following:
- If you want this user to inherit the permissions defined in a group (as described in Add Group area, then drag the desired group over to the Group Membership area. ), search for that group under the
- If you want to directly specify the user’s access level, follow the procedure in .
You can configure a user to inherit permissions from a group, then centrally adjust group permissions as needed.
- Click Add.
Specifying Access Levels
User access control is enabled on the SOAtest Server when you connect the SOAtest Server to a CTP that has security controls configured. This connection is made in the Parasoft> Continuous Testing Platform preferences page (see Integrating Virtualize Server and/or SOAtest Server with CTP).
User access control allows you to specify what actions each CTP user can perform on the SOAtest Servers that are connected to CTP. For example, you can determine which users are able to view and execute tests.
Note that these controls apply to all instances where SOAtest is accessed via its web service interface. This includes access from CTP, HP QC, and Parasoft Concerto—as well as direct access to the SOAt- est web service API. Without successful user authentication, users will not be able to access the SOAt- est web service interface.
In order to set the access levels (admin, system, provision), you need to have one of the following installed:
- Parasoft Concerto 4.8.2 or later
The separate pstsec.war (Parasoft User Administration) file alongside CTP
- Under tool, select em.
- Under Name, select role.
- Under Value, select the appropriate access level (see Understanding Roles and Permissions).
- Click Add.
Understanding Roles and Permissions
The following table describes roles and permissions available for CTP users:
System and env. definition
Control access permissions
Test Data Management
Admins have permission to create, modify, and execute tests from CTP. This is full access.
Disconnect servers + all repository operations
System users can create, modify, and execute tests on resources with which they have access. This is full access.
All repository operations*
Provision users can create and execute test jobs, as well as configure job-specific settings. This user role cannot create or modify test assets (test scenarios, jobs, etc.).
Can create and execute test jobs
If the user is not assigned a specific role on CTP (provision, system, or admin)—but still successfully authenticates—he or she will be able to view test assets, jobs, and results. This is read-only access.
If the user does not successfully authenticate, he or she will not be able to view test assets, start tests, view test status, or view test results on any SOAtest servers with user access control (e.g., any SOAtest server that is configured to connect to CTP).
* With appropriate resource permissions—see details. for
Synchronizing User & Group Settings with CTP
To make the defined user and group settings available in CTP:
- Log in to CTP using an admin account.
- Choose Administration> Security Configuration.
- Specify how to connect to the Concerto or DTP server where you configured users and groups.
- Click Save.
Specifying Access to Specific Resources
For any user without Administration privileges, the level of access to the available systems, environments, Virtualize/SOAtest servers, and Data Repository Servers (for SOAtest Virtualize 9.9 and later) depends on the permissions that have been set. Resources can be made available to all users, or access can be limited to certain user groups or specific users.
For instance, a user with the "provision" role can provision only designated or unrestricted environments—and can provision only to designated or unrestricted Virtualize/SOAtest servers. Moreover, that same user would see only the Data Repository Servers that are unrestricted or that he has been granted access to.
To specify access to a resource in CTP:
- Click the Permissions link at the top of the page.
You can also choose Administration> Resource Permissions, then use the controls at the top of the page to indicate the resource whose permissions you want to specify.
- Specify the users and/or groups that you want to have access to this resource.