...
- Setup new application ihtsdo-tools with password ihtsdo-tools. Password can be anything and can be hashed. But same password must be used in crowd.properties.
Go to url https://dev-crowd.ihtsdotools.org/crowd/console/secure/application/addapplicationdetails.action
Info Use appropriate web url when working on different Crowd server then dev-crowd
- Then select Generic Application from 'Application type' list as shown above
- Provide ihtsdo-tools identifier in name field and a password in password field.
- Add IMS service url in next step
- Choose 'IHTSDO User Directory' for directory access and add ihtsdo-users as default authentication user group
- On confirmation step, user must click "Add Application" failing which application will not be added.
Upon confirmation ihtsdo-tools application will be added and newly added application will be shown
- Add desired Groups to be identified with this application. These group required by IHTSDO tools applications and must conform to Security Policies.
- If required groups are not available create them as per Security Policies.
- Go to url https://dev-crowd.ihtsdotools.org/crowd/console/secure/group/add.action
- Add desired group for example 'ihtsdo-tba-author'
- Add Direct Members if required.
- then add this newly created group to ihtsdo-tools application
- Add localhost, 127.0.0.1 to allowable remote address
- Add other know known ip(s) of each IHTSDO tools application for example IMS, Refset, TBA etc
- Add trusted proxy ips of all nginx machine so that SSO works seamlessly seamlessly
- Remove permission to remove group/user for this application
| Info |
|---|
ihtsdo-users is default user group hence must be configured. |
...