Administrator

Creating an MAF Logon Provisioning File

Create a provisioning file for applications that use the MAF Logon UI component. The provisioning file is an ASCII text file. Each setting in the file must be on a separate line, or separated by a semicolon. The settings in the provisioning file provide applications with initial connection registration values that control the fields that display in the MAF Logon UI.

You can create a provisioning file for individual applications or provide settings for all applications in a single file. All settings in the configuration file are optional.
Key Description
servername= The host name for the machine that hosts the SAP Mobile Platform Server or reverse proxy, if used.
serverport= The server port number for SAP Mobile Platform Server. The default is 8080.
ishttps= Boolean value that determines whether to use HTTPS instead of the default unsecured HTTP.
vaultpolicy=

Controls the use of application passwords in the MAF Logon UI.

Possible values:
  • defaulton – password fields are displayed. The user can enable/disable the password,
  • defaultoff – password fields are not displayed. The user can enter a password by performing additional steps.
  • alwayson – password fields are displayed. The user must enter a password.
  • alwaysoff – password fields are not displayed.
usercreationpolicy=

Controls how user records are created on the server.

Possible values:
  • automatic – user records are created automatically in the authentication provider as part of the registration process.
  • certificate – user records are created automatically based on the client's security certificate.
  • manual – you must create users records on the server by manually registering applications. The manual user creation policy applies only to applications that connect to a 2.x version of SAP Mobile Platform Server.
gatewaypingpath= The Gateway server's ping path. This is used by MAF Logon to identify the SAP NetWeaver Gateway server.
gatewayclient= Identifies the client on the Gateway server. This is added to registration requests as a URL encoded parameter.
resourcepath=

If you installed a reverse proxy in your landscape, use to specify the URL suffix that the MAF Logon should use during registration requests.

domain= The server domain that clients will register to.
companyid= The company or farm ID of the relay server used to connect to the server.
securityconfig= The security configuration created on SAP Mobile Platform Server.

Example:

Example: provisioning file for automatic user creation
servername=smp.server.com; 
serverport=8080; 
ishttps=false;
vaultpolicy=defaulton; 
usercreationpolicy=automatic; 

Example:

Example: provisioning file for user creation based on certificate
servername=smp.server.com; 
serverport=8443; 
ishttps=true;
vaultpolicy=defaulton; 
usercreationpolicy=certificate;