Update the Rational ClearQuest® Web
deployment descriptor to configure client certificate authentication.
About this task
The following variables are used in path names:
- WAShome
- Directory where WebSphere Application Server is installed
- cqwebProfile
- Name of the Rational ClearQuest Web profile
Procedure
- Copy the ClearQuest Web
deployment descriptor file, web.xml, to a working
directory and rename the file. The web.xml file
is located in the following directory:

- WAShome\profiles\cqwebProfile\installedApps\dfltCell\TeamEAR.ear\cqweb.war\WEB-INF\web.xml

- WAShome/profiles/cqwebProfile/installedApps/dfltCell/TeamEAR.ear/cqweb.war/WEB-INF/web.xml
Note: 
If ClearQuest is installed on the Solaris
operating system, the default WebSphere Application Server cell directory
is
srvNode01Cell. Use this value in place of
dfltCell,
which is the default directory on Windows, UNIX, and Linux systems.
For
illustrative purposes, the steps in this topic assume that you renamed
the web.xml file that you copied to a working
directory to web-client-cert.xml.
- Edit the web-client-cert.xml file
by removing the comment characters <!-- and --> that
precede and follow the security elements sections <security-constraint>, <login-config>,
and <security-role>:
<security-constraint>
<web-resource-collection>
<web-resource-name>secure</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>ClearQuestUsers</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-conf>
<auth-method>CLIENT-CERT</auth-method>
</login-conf>
<security-role>
<role-name>ClearQuestUsers</role-name>
</security-role>
- Save and close the file.
- Use the WebSphere® Application
Server wsadmin utility to apply the deployment
descriptor changes:
- Change to the working directory where the web-client-cert.xml file
resides.
- Start the wsadmin utility in a command
prompt window:

- "WAShome\profiles\cqwebProfile\bin\wsadmin"

- WAShome/profiles/cqwebProfile/bin/wsadmin
- Run the following commands:
wsadmin> $AdminApp
update TeamEAR file {-operation update -contents web-client-cert.xml
-contenturi cqweb.war/WEB-INF/web.xml}
wsadmin> $AdminConfig
save
wsadmin> exit