Creating an MAF Logon Provisioning File

Create a provisioning file for applications that use the MAF Logon UI component. The provisioning file is an ASCII text file. Each setting in the file must be on a separate line, or separated by a semicolon. The settings in the provisioning file provide applications with initial connection registration values that control the fields that display in the MAF Logon UI.

You can create a provisioning file for individual applications or provide settings for all applications in a single file. All settings in the configuration file are optional.

Key	Description
servername=	The host name for the machine that hosts the SAP Mobile Platform Server or reverse proxy, if used.
serverport=	The server port number for SAP Mobile Platform Server. The default is 8080.
ishttps=	Boolean value that determines whether to use HTTPS instead of the default unsecured HTTP.
vaultpolicy=	Controls the use of application passwords in the MAF Logon UI. Possible values: `defaulton` – password fields are displayed. The user can enable/disable the password, `defaultoff` – password fields are not displayed. The user can enter a password by performing additional steps. `alwayson` – password fields are displayed. The user must enter a password. `alwaysoff` – password fields are not displayed.
usercreationpolicy=	Controls how user records are created on the server. Possible values: `automatic` – user records are created automatically in the authentication provider as part of the registration process. `certificate` – user records are created automatically based on the client's security certificate. `manual` – you must create users records on the server by manually registering applications. The manual user creation policy applies only to applications that connect to a 2.x version of SAP Mobile Platform Server.
gatewaypingpath=	The Gateway server's ping path. This is used by MAF Logon to identify the SAP NetWeaver Gateway server.
gatewayclient=	Identifies the client on the Gateway server. This is added to registration requests as a URL encoded parameter.
resourcepath=	If you installed a reverse proxy in your landscape, use to specify the URL suffix that the MAF Logon should use during registration requests.
domain=	Note: Applies only to applications that connect to a 2.x version of SAP Mobile Platform Server. The server domain that clients will register to.
companyid=	Note: Applies only to applications that connect to a 2.x version of SAP Mobile Platform Server. The company or farm ID of the relay server used to connect to the server.
securityconfig=	Note: Applies only to applications that connect to a 2.x version of SAP Mobile Platform Server. The security configuration created on SAP Mobile Platform Server.

Example: provisioning file for automatic user creation

servername=smp.server.com; 
serverport=8080; 
ishttps=false;
vaultpolicy=defaulton; 
usercreationpolicy=automatic;

Example: provisioning file for user creation based on certificate

servername=smp.server.com; 
serverport=8443; 
ishttps=true;
vaultpolicy=defaulton; 
usercreationpolicy=certificate;