In this section:
Overview
Any Parasoft tool connected to License Server can request a license token, which will be granted if a token is available. You can define pairs of regex patterns that match user names and host names/IP addresses in order to programmatically grant or deny access to license tokens.
You can filter access based on individual patterns or on groups of one or more patterns. Filters can apply to users on a specific host or to groups of hosts and users based on a a regex pattern. When pattern or pattern group is defined, you can assign a deny or allow action to the pattern or pattern group.
In addition, you can filter license token access based on membership to user groups imported to User Administration from your LDAP server. In many cases, filtering access based on user groups imported from your LDAP simplifies configuration. This is because work units are already defined in LDAP, which eliminates the need to configure regex patterns.
Deny and Allow Actions
If the pattern or pattern group is assigned an allow action, only the pattern(s) defined in the group that match username/host pair(s) will be granted licenses. If the pattern or pattern group is assigned a deny action, licenses will be denied to the matching pattern(s); requests from all other machines will be granted.
Host Name Format
The host name format (name or IP) should match the format specified by the tool sending the license token request. Tools on different platforms use different formats. For example, the same machine can be defined in three different ways: 10.9.1.50
, gina
, gina.parasoft.com.pl
. You can verify the user/host format by checking the Tokens Usage Details or Licenses Usage Details report.
Filtering Access by Pattern
You can define individual patterns from the License Details screen. You can access the License Details page by choosing Manage Licenses from the License Server menu and clicking on a link in the Tool name column.
Specify the user name and host name in the Filter requests for section click Deny or Allow.
- When a pattern is configured and the Allow action is used, only the machines that are included in the filter will be granted licenses.
- If the Deny action is used, licenses will be denied to machines defined in the filter–requests from all other machines will be granted.
For example, if the deny action is applied to the pattern in the example screenshot above, all users on hosts with IP addresses starting with 10.10.4 will be denied license tokens.
If both Deny and Allow actions are applied to the filters defined in License Server, the logic requires both conditions to be satisfied (i.e., an AND operator placed between the filters). For example, the license for user John will not be granted if the following filters are defined:
- ALLOW: user: John
- DENY: user: .* (i.e. all users)
Filtering by Pattern Group
A pattern group is a collection of username/host patterns. You can create groups that match how dev/test members are segmented and apply filters for more precise control over license access.
- Create a pattern group as described in the Creating and Managing Pattern Groups section.
- Open the License Details screen and choose the group name in the Filter requests for section.
The group includes information about patterns and sub-groups matches in parenthesis:
- p: Indicates the number of licenses that contain the specified user name and host.
- g: Indicates the number of licenses that contain sub-groups and patterns for the specified user name and host.
- Click the Deny or Allow button.
Filter actions are accumulative. You can add a pattern to several groups and any allow actions applied grant additional access to the matched users in the pattern. Deny actions, however, supersede allow actions.
Creating and Managing Pattern Groups
You can specify patterns to manually create groups or use groups defined in User Administration.
Manually Creating Groups
- Choose Management > Manage Groups from the License Server home page to add a new pattern group or edit an existing group.
Enter a name for the pattern group and click Add. A new empty group is created. The group name appears in the Existing groups section, along with the following codes in parenthesis:
- p: Indicates the number of licenses that contain the specified user name and host.
- g: Indicates the number of licenses that contain sub-groups and patterns for the specified user name and host.
Click Edit button next to the name of a new or existing group to edit.
- You can perform the following actions:
- Enter a user name and host name in the New pattern section and click Add to create a new pattern.
- Browse for a CSV file containing users and click Import to add a bulk list of users to the group. The CSV file should be formatted as username, hostname with no header, e.g.,
user1,.*
oruser2,192.168.1.101.
- Choose a group from the Group name drop-down menu and click Add to add an existing group.
- Click Remove in the Existing patterns or Existing groups section to remove an existing pattern or group.
Filtering Access Using Groups Defined in User Administration
You can leverage groups already defined in the User Administration module, rather than of manually creating user groups as described in Manually Creating Groups.
- Choose Management > Manage Groups.
- Enable the Enable user groups from User Administration option in the User Groups section.
You can click the View link to see the users that are members of the group.
Filtering by Pattern Group Example
The following example demonstrates creating a group with one pattern and denying the group access to license tokens.
- Define a group called Deny Group.
- Edit the group and specify
.
as the user name and10.10.4.*
as the host name. - Click Add and define a new pattern using
.
as the user name and10.10.5.*
as the host name. - Use the [Back] links to return to the License details screen. Your group will appear as a filter option.
- Click [Deny] to block all users defined in the group from requesting the license.