Security Considerations


Code Collaborator administrators need to be aware of several security issues and options which affect the overall security of the system. This section covers those issues.

File System Security

Code Collaborator relies on the underlying operating system as a foundation for overall system security. Several potentially sensitive items are stored in the local filesystem, including database credentials, LDAP credentials (if used), and file contents. Care should be taken to maintain system security of the server's operating system, so this information is not compromised. Smart Bear does not have any specific security expertise, so we recommend you follow the guidance of your operating system's vendor.

HTTP Transport Security

By default, the Code Collaborator server operates over regular HTTP. This means that all communications between clients and servers are unencrypted on the wire. Therefore, it is possible for someone with access to the network to use network sniffing tools to gather information from that traffic. Some things that are available over the wire are file contents, user conversations, and even authentication credentials (usernames and passwords). If wire-level security is a concern, administrators should configure the server to use secure http (HTTPS).

HTTP Cookies

Code Collaborator uses two different cookies to track user activity: a session cookie and a "remember me" cookie. The session cookie consists of a unique identifier assigned to the user at login time. Once logged in, this cookie allows the user to continue accessing Code Collaborator without needing to authenticate repeatedly. This cookie expires after 30 minutes of inactivity.

The "remember me" cookie is a longer-lived cookie that, if present, re-authenticates the user when their session cookie expires. This cookie contains encrypted authentication information and, if compromised, could allow an attacker to impersonate a user or potentially extract the user's password from the cookie. In high-security environments, this cookie can be disabled by editing the context configuration file (.../tomcat/conf/Catalina/localhost/ROOT.xml) and removing the line that begins with "<Valve className="com.smartbear.ccollab.auth.CollabFormAuthenticator"".

XMLRPC Security

Prior to version 5.0, Code Collaborator relied on trusted clients to participate in authentication of users. As of 5.0, the default install is to not trust the clients and instead force them to provide credentials with each XMLRPC request. While this is more secure, and is the recommended configuration, we recognize that this configuration breaks older clients. So, we have implemented the following compromise:

1. Client compatibility is controlled by an application parameter configured in the context configuration file (.../tomcat/conf/Catalina/localhost/ROOT.xml). The parameter name is "client-compatibility" and if the value is set to "true", older clients are allowed to connect to this server.
2. By default, upgrades from 4.0 will have client compatibility enabled -- that is, older clients will still be allowed to connect to the server. This is in recognition of the fact that server upgrades usually lead client upgrades by some period of time. We recommend that client compatibility be disabled as soon as clients can be upgraded.
3. By default, new installs will have client compatibility disabled. The assumption here is that new server installs will usually correspond to new client installs. Unless there are existing older clients (4.0 or earlier), it is not advisable to change this setting.


Note: This setting is explicitly a stop-gap for backwards compatibility. In the future, we expect to break backwards compatibility with 4.0 clients and always require preemptive authentication. However, this setting is expected to remain in place for all 5.x builds.
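As an added example that is not part of the Code Collaborator documentation or product, the following POSIX shell audit checks a ROOT.xml for the two hardening points covered above: the "remember me" Valve line from the HTTP Cookies section and the client-compatibility parameter from the XMLRPC section. It assumes the parameter is written as a single-line Tomcat <Parameter> element; the two sample files are constructed here for the demonstration.

```shell
#!/bin/sh
# Added audit helper; not part of Code Collaborator.
# Checks a Tomcat context file (ROOT.xml) for two settings described above:
#   1. the "remember me" Valve (CollabFormAuthenticator) has been removed
#   2. client-compatibility is not set to "true"
# Assumption: the parameter is a one-line Tomcat context element such as
#   <Parameter name="client-compatibility" value="false"/>

# Prints one line per check; returns 0 when both settings are hardened,
# 1 when at least one weak setting is present.
audit_root_xml() {
    file="$1"
    status=0
    # Substring taken from the documented Valve line.
    if grep -q 'Valve className="com.smartbear.ccollab.auth.CollabFormAuthenticator"' "$file"; then
        echo "WARN: remember-me Valve (CollabFormAuthenticator) is still enabled in $file"
        status=1
    else
        echo "OK: remember-me Valve not present in $file"
    fi
    # Match name and value inside the same element, regardless of other attributes.
    if grep -q 'name="client-compatibility"[^>]*value="true"' "$file"; then
        echo "WARN: client-compatibility=true; older clients need not send credentials per request"
        status=1
    else
        echo "OK: client-compatibility is not enabled in $file"
    fi
    return $status
}

# Constructed sample: both weak settings present (upgrade-style configuration).
weak_xml=$(mktemp)
cat > "$weak_xml" <<'EOF'
<?xml version="1.0" encoding="UTF-8"?>
<Context>
  <Parameter name="client-compatibility" value="true" override="false"/>
  <Valve className="com.smartbear.ccollab.auth.CollabFormAuthenticator"/>
</Context>
EOF

# Constructed sample: hardened configuration (Valve removed, compatibility off).
hard_xml=$(mktemp)
cat > "$hard_xml" <<'EOF'
<?xml version="1.0" encoding="UTF-8"?>
<Context>
  <Parameter name="client-compatibility" value="false" override="false"/>
</Context>
EOF
trap 'rm -f "$weak_xml" "$hard_xml"' EXIT

audit_root_xml "$weak_xml" || true   # expected: two WARN lines, exit status 1
audit_root_xml "$hard_xml"           # expected: two OK lines, exit status 0
```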