Kwauth

To authenticate with a Validate server that is supported by SAML or OIDC, install version 24.2 or newer of kwauth from one of the following packages: kwauthtools, kwbuildtools, or the kw-cmd-installer found in kw-desktop-tools. See Installing the Auth Tools package.

kwauth allows users to authenticate with the Klocwork Server.

When an access control method has been configured (Basic, LDAP or NIS), all users need to authenticate with the Validate Server, either through a GUI login dialog or with kwauth. If not already authenticated, users will be prompted to run kwauth once before running one of the Klocwork command-line tools (except those which create a build specification, such as kwinject, kwwrap and kwant).

kwauth prompts you to enter your user name and password.

  • If Basic access control has been set up, enter the user name and password given to you by the Klocwork administrator.
  • If LDAP, LDAP SSO, or NIS access control has been set up, enter your LDAP or NIS user name and password.

kwauth then stores a token in the user's home directory, so it needs to be run only once. Note that users' passwords are not stored.

Once authenticated, a user can run any Klocwork tool that points to the same Validate Server host and port. To run Klocwork tools pointing to a different Klocwork Server host and port, the user must run kwauth again. Likewise, to run Klocwork tools as a different user, that user must run kwauth again.

Starting release 2024.2, use kwauth to generate an access code to authorize a device when on a SAML or OIDC authenticated server. See Accessing Validate by Perforce.

Usage 

kwauth [--url http(s)://<host>:<port>]

Examples 

kwauth --url http://myserver.acme.com:8080

Options

Name Description
--help displays the available options
--insecure store the ltoken file credentials in plain text. Since this option stores ltoken information in an insecure manner, it should only be used when necessary.
--log-out invalidate the stored token. After using the --log-out option, if access control is still set up, you will need to run kwauth again before running any tools that connect to the Klocwork Server.
--print-auth-info, -i print the authentication information (the authentication token and the user it was issued to for the specified server) in JSON format, which allows the token to be used for Web API requests
--url http(s)://<klocwork_server_host>:<klocwork_server_port>/ URL for the Klocwork Server. Use https:// if a secure Validate Server connection has been configured. Use https:// if a secure Validate Server connection has been configured.
--use-application-token, -t supply an application token on the command line for this headless machine
--verbose print verbose information about program execution, which can help to troubleshoot errors
--version get version information
Related concepts