Configures the standard security filters for Mobiliser.
| Key | Default | Description |
|---|---|---|
| ehCacheBasedUserCache.location | SMP_HOME\Server\config_master\com.sybase365.mobiliser.framework.gateway.security.filters.standard\com.sybase365.mobiliser.framework.gateway.security.filters.standard.properties | Ehcache configuration location for the user details cache. |
| osgiProviderManager .eraseCredentialsAfterAuthentication | context | Defines whether Spring security removes the credentials from the authentication object after successful authentication. To upgrade password hashing algorithms, set this key to false, since the password is needed to update the hash. |
| matcherMode | standard | Sets the HTTP path expressions. When matching HTTP paths for security expressions, Spring security normally uses the request path built by request.getServletPath() + request.getPathInfo(). For some environments, build the path with request.getContextPath() + request.getPathInfo(). If the request path has been built using the context path, set this key to "context". |
| baseUrl | /mobiliser | Sets the base URL for the security configurations picked up
from the OSGi registry, which can be relative or absolute.
Relative configurations do not begin with a slash (/);
therefore, the base URL configured as relative is prepended to
the configuration before the HTTP path expression is configured.
This should match the servlet name configured in the PID:
com.sybase365.mobiliser.framework.gateway.httpservice |
| realmName | MOBILISER | Defines the realm name for the unauthorized response header. If the server receives a request for an access-protected object, and the request is denied, the server responds with a 401 response code and a "WWW-Authenticate" header. |
| channel | any | Defines the channel of the default security configuration for
the servlet:
|
| roles | MOBILISER_ ACCESS | Defines the roles of the default security configuration for the servlet, which is a comma-separated list and uses an OR expression. You can override the default by providing specific configurations elsewhere within the container. |
| port_mapping_xxx | Defines the mapping between secure and insecure ports. If a channel is set to something other than “any,” whether with the default or other specific configuration, Spring security must know the mapping between secure and insecure ports to properly send the client a 302 response with a “Location” header. You may have any number of these configurations to specify the mappings between these ports. If you are using nonstandard ports in jetty.xml for your connectors, configure the ports here. |
SMP_HOME\Server\configuration\com.sap.mobile.platform.server.mobiliser.core\userdetails-ehcache.xml
<?xml version="1.0" encoding="UTF-8"?> <ehcache xsi:noNamespaceSchemaLocation="http://ehcache.org/ehcache.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <defaultCache timeToLiveSeconds="0" timeToIdleSeconds="600" memoryStoreEvictionPolicy="LRU" overflowToDisk="false" eternal="false" maxElementsInMemory="50"/> <cache timeToLiveSeconds="5" timeToIdleSeconds="5" memoryStoreEvictionPolicy="LRU" overflowToDisk="false" eternal="false" maxElementsInMemory="100" name="userDetailsCache"/> </ehcache>