Access to data must be strictly controlled to meet the security requirements of the enterprise. Strict data access control is achieved through a combination of firewalls, authentication, and authorization.
Firewalls and network configuration
A firewall provides the first level of protection by restricting access to the private network from the Internet. Sophisticated firewall configuration can provide strong security for all enterprise resources.
All CollabNet TeamForge application server nor the backend servers should ever be exposed to the Internet.
The CollabNet TeamForge application to function effectively, the following conditions must be met.
- Across the firewall, clients (users) must have access to:
- The web server through a secure protocol such as HTTPS (port 443). The web server typically handles both the browser requests as well as the SOAP requests and forwards them to the CollabNet TeamForge application server.
- Send mail to CollabNet TeamForge mail server via SMTP (port 25).
- The SCM server through a secure protocol such as SSH (port 22).
- The web server must have access to the application server (typically port 8080). Note: This port is not exposed outside the firewall.
- The web server must have access to the SCM server for repository browsing functionality.
- The application server must have access to the backend (SCM, database, mail, etc.) servers.
- The SCM server must be able to access CollabNet TeamForge for commit notifications.
- The mail server must be able to deliver messages across the firewall.
Authentication and authorization
To secure sensitive data, CollabNet TeamForge provides access control tools to restrict unauthenticated and non-member access.
User authentication is supported through verification of username and password during login. Project administrators can completely restrict access to authenticated members by marking projects as gated communities or private. A gated community is only accessible to unrestricted users, while a private project is only accessible to its members.
CollabNet TeamForge .