This page describes settings of IHTSDO Tools application in a bare bone Crowd installation
- Setup SSO domain. This step can be ignored if already done
- go to https://dev-crowd.ihtsdotools.org/crowd/console/secure/admin/general.action
- Add .ihtsdotools.org in 'SSO domain' field and Add.
- Setup new application ihtsdo-tools with password 'ihtsdo-tools'. Password can be anything and can be hashed. But same password must be used in crowd.properties.
Go to url https://dev-crowd.ihtsdotools.org/crowd/console/secure/application/addapplicationdetails.action
- Then select Generic Application from 'Application type' list as shown above
- Provide ihtsdo-tools identifier in name field and a password in password field.
- Add IMS service url in next step
- Choose 'IHTSDO User Directory' for directory access and add ihtsdo-users as default authentication user group
- On confirmation step, user must click "Add Application" failing which application will not be added.
Upon confirmation ihtsdo-tools application will be added and newly added application will be shown
- Add desired groups to be identified with this application. These group must conform to Security Policies. This step must be repeated for any new non nested group of ihtsdo-tools application.
- If required groups are not available create them as per Security Policies.
- Go to url https://dev-crowd.ihtsdotools.org/crowd/console/secure/group/add.action
- Add desired group for example 'ihtsdo-tba-author'
- Add Direct Members if required.
- then add this newly created group to ihtsdo-tools application
- Add localhost, 127.0.0.1 to allowable remote address
- Add other known ip(s) of each IHTSDO tools application for example IMS, Refset, TBA etc
- Add trusted proxy ips of all nginx machine so that SSO works seamlessly
- Go to https://dev-crowd.ihtsdotools.org/crowd/console/secure/admin/viewtrustedproxies.action
- And add ip of proxy.
- Remove permission to remove group/user for this application