Authentication using the ltoken

Authentication tokens are stored by kwauth and by Klocwork client applications in a special file in the user's home directory. This token, called the ltoken, is used to authenticate users with tools such as kwbuildproject, kwcheck and the Web API. You can find this file as follows:

• Windows:C:\Users\<user_name>\.klocwork\ltoken
• Unix:~/.klocwork/ltoken

If there is no ltoken file in your .klocwork directory, run kwauth to generate the file.

Overriding the default ltoken location

You can use a custom ltoken file location by setting the 'KLOCWORK_LTOKEN' environment variable. To populate the ltoken file, set 'KLOCWORK_LTOKEN' and authenticate using kwauth. The generated ltoken is stored in the specified location instead of the default location.

Tools requiring authentication use the ltoken location specified in the 'KLOCWORK_LTOKEN' environment variable, if set. Otherwise, it uses the default location.

This does not move or copy the original ltoken file, so you must re-authorize users with kwauth before other tools can be used.

1  > export KLOCWORK_LTOKEN=/space/myltokenfile
2  > kwauth
3  > Login: jsmith
4  > Password:

1  > set KLOCWORK_LTOKEN=C:\space\myltokenfile
2  > kwcheck run
3  ...

Failing authentication if host name is not found

Unable to authenticate using SSL with <url>

<?xml version="1.0" encoding="UTF-8"?>
   <params> 
     <host resolveHost="false" verifyCertificate="true"/>
   </params>

Note that setting resolveHost="false" is not mandatory, but doing so can prevent the Klocwork Server from resolving the wrong FQDN as the Server will use whatever host you specify in a remote server URL.