NetResults ProblemTracker
Web Server Security Overview

If you do not wish to configure web server security (perhaps your web server is on an internal machine behind a "firewall"), you have completed ProblemTracker installation and configuration. You can now login to ProblemTracker or proceed to the ProblemTracker tutorial.

ProblemTracker Security

ProblemTracker supports security at two levels. The product includes a flexible user group based security scheme, allowing control of access to both function (Add, Edit, View, etc.) and data records. In addition, ProblemTracker also supports the use of your web server's native security mechanism to limit access to the web pages themselves. If you have very strict security requirements, you may wish to apply web server security to your ProblemTracker installation.

Web Server Security

Many web servers allow you to restrict access to a web site on a per user basis via a process called basic authentication. ProblemTracker has been designed with this in mind, allowing you to limit access to any function by using the web server's built-in security mechanism.

ProblemTracker Organization

The ProblemTracker web pages are organized by function as shown in the following table. In general all pages related to a particular function have been included in the same directory, using a common program file. By applying security to these directories and program files as desired, you can limit each individual or group in your organization to the functions appropriate to their job. When a user browses to a page or program where security has been applied, a dialog appears in their browser requiring them to enter a username and password. Depending upon their identity, they will be allowed or denied access to the resource.

Note that the following table assumes that a workgroup named pteval, the Evaluation Workgroup, has been installed. For your workgroup, substitute your workgroup name where "pteval" appears. rootDir is the web server root directory where the ProblemTracker content and program files were installed (by default, C:\Inetpub\wwwroot\ProblemTracker).

Function Directory
Workgroup Management System Administrative Functions rootDir/ptadmin
Workgroup Administrative Functions rootDir/pteval/Admin
Normal Internal User Operations rootDir/pteval/Intranet
External User Operations rootDir/pteval/Internet
Add Record rootDir/pteval/Intranet/Add
Edit Record rootDir/pteval/Intranet/Edit
View Record rootDir/pteval/Intranet/View
Advance Record State rootDir/pteval/Intranet/Task
Delete Record rootDir/pteval/Intranet/Delete
File Attachments rootDir/pteval/Attachments
Generate Report rootDir/pteval/Intranet/Report
Discussion - Enterprise Edition Only rootDir/pteval/Intranet/Discuss
Documentation rootDir/pteval/Help
Workgroup Management Sysytem Admin Documentation rootDir/ptadmin/Help
Workgroup Admin Documentation rootDir/pteval/Help/Admin
User Documentation rootDir/pteval/Help/std

Setting Web Server Security

The procedure for configuring web server security varies for each web server product. This document provides general instructions for setting up security as it relates to ProblemTracker for the following web servers. However, you should also consult the documentation provided with your web server for details regarding its security options.

WMS Operations that can impact your Custom Security Settings

The Repair, Move, and Upgrade operations that can be performed in the Workgroup Management System can reset the customized security you have applied to the locations listed in the table above. Before you use the Repair, Move, or Upgrade operations, it is recommended that you take note of the security scheme you have applied, then re-apply these changes after using one of those operations.

For more information on the WMS operations, please refer to the following sections in the WMS Help Guide:

Repairing a Workgroup
Moving a Workgroup
Upgrading a Version 3 Workgroup
Upgrading a Version 4 or 5 Workgroup