Creating or Updating the Encrypted Password for Preferences

The encrypted password hash for preferences is used by the portal, and that encrypted value is placed in the MOB_PREFERENCES table in the database.  The first hash is made from any plain text password, while the second (encrypted) hash is built from the chosen value for the first hash.  Both hashes have specific places in the database.


To enable strong cryptography, download the Java Cryptography Extension (JCE) unlimited strength jurisdiction policy file from your JDK vendor and update the security policy JAR files within the JVM that is running SAP Mobile Platform Server.


  1. Navigate to:
  2. From a command line, execute:
    java โ€“jar com.sybase365.mobiliser.vanilla.cli-tools-<version>-CLIEncrypterClient.jar <key> <value>
  3. Configure <key> in <SMP_HOME>\webapps\portal\META-INF\context.xml as the value for the environment element with name prefs/secret.
    <Environment description="The prefs secret key" 
        name="prefs/secret" type="java.lang.String"
        value="paybox" />
      <Environment description="The directory that hosts this file"
        name="logging/baseDir" type="java.lang.String" 
        value="./webapps/portal/META-INF" />
    where <key> represents the decryption key that is used by the Web portals to decrypt data coming from the Preferences service. <value> represents the clear text password used when creating the hashed password for the universal user.
  4. After you have successfully created the encrypted value, update the database with the new preferences:
    UPDATE MOB_PREFERENCES SET STR_VALUE = '{AES-128-PBKDF2}<Hash Value>' WHERE STR_NAME = 'mobiliser.password' AND ( STR_PATH = '/presentationlayer/system/com/sybase365/mobiliser/web/util/DynamicServiceConfiguration/' OR STR_PATH = '/presentationlayer/system/com/sybase365/mobiliser/util/tools/wicketutils/services/Configuration/')