Creating or Updating the Encrypted Password for Preferences

The encrypted password hash for preferences is used by the portal, and that encrypted value is placed in the MOB_PREFERENCES table in the database. The first hash is made from any plain text password, while the second (encrypted) hash is built from the chosen value for the first hash. Both hashes have specific places in the database.

Prerequisites

To enable strong cryptography, download the Java Cryptography Extension (JCE) unlimited strength jurisdiction policy file from your JDK vendor and update the security policy JAR files within the JVM that is running SAP Mobile Platform Server.

Note: Disabling or enabling portal through the console overrides the any value that is set previously.

Task

Navigate to:
SMP_HOME\Server\tools\mobiliser\com.sybase365.mobiliser.vanilla.cli-tools-5.1.3.RELEASE-CLIEncrypterClient.jar
From a command line, execute:
java –jar com.sybase365.mobiliser.vanilla.cli-tools-<version>-CLIEncrypterClient.jar <key> <value>
Configure <key> in SMP_HOME\webapps\portal\META-INF\context.xml as the value for the environment element with name prefs/secret.
```
<Environment description="The prefs secret key" 
    name="prefs/secret" type="java.lang.String"
    value="paybox" />

  <Environment description="The directory that hosts this file"
    name="logging/baseDir" type="java.lang.String" 
    value="./webapps/portal/META-INF" />
```
where <key> represents the decryption key that is used by the Web portals to decrypt data coming from the Preferences service.
Warning! Do not choose a key at random. The key you enter must be identical to the one used by the Web portals to decrypt the data from Preferences; otherwise, the portals cannot connect to Mobiliser.
<value> represents the clear text password used when creating the hashed password for the universal user.
After you have successfully created the encrypted value, update the database with the new preferences:
UPDATE MOB_PREFERENCES SET STR_VALUE = '{AES-128-PBKDF2}<Hash Value>' WHERE STR_NAME = 'mobiliser.password' AND ( STR_PATH = '/presentationlayer/system/com/sybase365/mobiliser/web/util/DynamicServiceConfiguration/' OR STR_PATH = '/presentationlayer/system/com/sybase365/mobiliser/util/tools/wicketutils/services/Configuration/')