Preference configuration values are stored encrypted in the MOB_PREFERENCES table.

Prefix encrypted preferences values with the encryption algorithm, such as:

Decryption is transparent to an application; however, the developer who is using a particular preferences node must explicitly enable encryption-support for that node explicitly.

For Mobiliser, the encryption/decryption key is configured in:


For applications using remote access to preferences, configure the encryption/decryption key using one of these methods:
  • System property<KEY>
  • JNDI entry <Environment description="Preferences key" name="prefs/secret" type="java.lang.String" value="<KEY>" />

    The JDNI entry is usually configured in <TOMCAT_HOME>/conf/server.xml.

  • Property file on class path

    with line: encryption-secret=<KEY>

The AES/CBC/PKCS5Padding encryption is automatically used. The encrypted value must be Base64-encoded, and the first 16 bytes are interpreted as the initialization vector (IV). The encryption key is derived from the password using PBKDF2HmacWithSHA1 hashing with the static salt {97,101,105,111,117,85,79,73,69} and 65536 iterations. SAP Mobile Platform Server includes an executable JAR in the ./tools folder that encrypts configuration values according to this specification.

./tools> java -jar <SMP_HOME>\Server\tolls\mobiliser\com.sybase365.mobiliser.vanilla.cli-tools-5.1.0.RELEASE-CLIEncrypterClient.jar