Creating a Security Configuration

Create and name a set of security providers and physical security roles to protect SAP Mobile Platform resources.

Only platform administrators can create security configurations. Domain administrators can only view after the platform administrator creates and assigns them to a domain.
  1. In the left navigation pane of SAP Control Center, select Security.
  2. In the right administration pane, select the General tab, and click New.
  3. Enter a name for the security configuration and click OK.
  4. In the left navigation pane, under Security, select the new security configuration.
  5. In the right administration pane, select the Settings tab, and set values for these properties as required:
    • Authentication cache timeout – determines how long authentication results should be cached before a user is required to reauthenticate. For details, see Authentication Cache Timeouts in Security. Set the cache timeout value in seconds. The default is 3600. To force re-authentication, change this value to 0.
    • Maximum number of failed authentications – determines the maximum number of login attempts after which the user is locked.
    • Authentication lock duration – determines how long the user is locked after the maximum login attempts is reached.
  6. Click Save.
  7. Select the tab corresponding to the type of security provider you want to configure: Authentication, Authorization, Attribution or Audit.
  8. To edit the properties of a preexisting security provider in the configuration:
    1. Select the provider, and click Properties.
    2. Configure the properties associated with the provider by setting values according to your security requirements. Add properties as required. For more information about configuring security provider properties, see the individual reference topics for each provider.
    3. Click Save.
  9. To add a new security provider to the configuration:
    1. Click New.
    2. Select the provider you want to add.
    3. Configure the properties associated with the provider by setting values according to your security requirements. Add properties as required. For more information about configuring security provider properties, see the individual reference topics for each provider.
    4. Click OK.
      The configuration is saved locally, but not yet committed to the server.
    Note: When you create a new security configuration, SAP Mobile Platform sets the NoSecurity provider by default. SAP recommends that after you add, configure, and validate your providers, you remove the NoSecurity provider. For more information on the NoSecurity provider, see NoSecurity Configuration Properties.
  10. To remove the NoSecurity provider:
    1. In the left navigation pane, expand Security folder and select the new security configuration.
    2. In the right administration pane, within the Authentication tab, select NoSecLoginModule and click Delete.
    3. In the right administration pane, within the Authorization tab, select NoSecAuthorizer and click Delete.
    4. In the right administration pane, within the Attribution tab, select NoSecAttributer and click Delete.
    5. In the General tab, click Apply then click Save.
  11. To map roles for the security configuration, select the Role Mappings tab. Create logical roles and map them to physical roles in the security provider.
  12. Select the General tab, and click Validate to confirm that SAP Mobile Server accepts the new security configuration.
    A message indicating the success of the validation appears above the menu bar.
  13. Click Apply to save changes to the security configuration, and apply them across SAP Mobile Server.
    A message indicating the success of the application appears above the menu bar.
Parent topic: Security Configurations
Next topic: Assigning a Security Configuration to a Domain