Is it possible to restrict certain applications or versions of applications from connecting to StarTeam Server?

0 Likes

Problem:

Is it possible to restrict certain applications or versions of applications from connecting to StarTeam Server?

Resolution:


  • Product Name: StarTeam
  • Product Version: 2009
  • Product Component: Server
  • Platform/OS Version: All

The StarTeam 2009 Server allows administrators to fine tune the set of client applications that can connect to the server by customizing a new "app-control.xml" file. This feature prevents unwanted SDK applications from connecting to the Server and draining Server resources. This is strictly an administrative tool, not a security measure.

The server looks for a new configuration file named "app-control.xml" located in the AppControl subdirectory under the StarTeam repository root directory. When a new configuration is created, StarTeam 2009 Server creates this file from a template app-control.xml file located in AppControl directory under the Server installation directory.

The configuration "app-control.xml" file, if present, contains a set of rules. Each rule asks the server to test the incoming client connections to satisfy one or more of the following conditions:

  • The StarTeam SDK is greater or equal to a certain version.
  • The application name, connecting user name, and/or client workstation name must match a specified text pattern.

In the example below the server is instructed to accept connections from applications starting with pattern CPC (i.e. Cross-Platform Clients only) with minimum version of 8.0 or greater. Any versions of CPC earlier than version 8.0 will be refused. You should check all the client versions used in your environments in the StarTeam Server logs before implementing such changes.

The Server tests each incoming client connection against all the rules present in the app-control.xml file until a match is found or until the rule list is depleted. Once a match is found, no more checks are done and the connection handshake sequence is resumed. If no match is found, the connection is refused. If the app-control.xml file does not exist in the AppControl directory, the Server allows all supported client applications to connect.


Old KB# 30382
Comment List
Related
Recommended