Configuration of the Manager UI

Configuration files

Configuration files are processed by security.manager NEXT Manager UI web application in the following order:

  1. WEB-INF/classes/default-application.properties (DO NOT EDIT)
    This file contains all configuration options of the Manager UI with their default values.

  2. WEB-INF/classes/custom-application.properties
    If a change to the data directory (data.directory.location) is required, the change has to be made in this file. Any further changes have to be made in the following file.

  3. [data.directory.location]/application.properties
    Editing this file is the recommended way to make configuration changes. The default data directory (data.directory.location) of Manager UI is ${user.home}/.secman-next.

The format of the configuration files must correspond to the Java Properties file format .

Sample .properties file
# The files have to be UTF-8 encoded, otherwise special characters can lead to errors!
# A safe method is to use Unicode syntax e.g: รค = \u00E4 (see http://0xcc.net/jsescape/)

# comments use the hash sign

# the syntax is:
key = value

# a value can reference another key
key1 = http://${key.with.server}/test

Configuration parameters

General settings

This section describes the parameters that most often need to be changed in a standard installation. Further parameters are described in comments in the file WEB-INF/classes/default-application.properties.

data.directory.location

This parameter defines the data directory where tle local configuration of the Manager UI is stored. The default value is data.directory.location=${user.home}/.secman-next. In case the Tomcat server is running as a Windows service, the .secman-next directory is located in the user directory of the Tomcat user who started the service. Path separators must be specified as either / or \\.

Tomcat User on Windows
If no Tomcat user has been created, the Tomcat server runs with the system user (not recommended!). Depending how the Tomcat has been installed the user directory is created either under %systemroot%/config/systemprofile/.secman-next or %systemroot%/ServiceProfiles/LocalService/.secman-next.

A divergent data directory can be configured in the file WEB-INF/classes/custom-application.properties.

Application settings

policyManagement.arcgisServers

Comma-separated list of the ArcGIS Server instance base URLs. All instances have to be fedarated with the Portal defined as policyManagement.portalUrl.

Example: https://gis1.example.com:6443/arcgis,https://gis2.example.com:6443/arcgis

policyManagement.portalUrl

Base URL of the ArcGIS Portal installation that should be protected. The portal is used to authenticate users signing in to the Manager UI.

Example: https://gis.example.com:7443/portal

security.authn.oauth.clientId

The App ID under which the Manager UI has been registered at ArcGIS Portal.

client.config.defaultExpiresHeaderInDays

Sets time in days that the browser should consider the web app’s files unchanged and use cached files if available. Defaults to 0, so changes to application.properties are reflected without the need to clear the browser cache, for example. In a production deployment it is recommended to set this to 0.5 (12 hours). Setting this to -1 prevents the Manager UI to from setting a cache header.

Log settings

logging.logger.level

This parameter defines the level of detail for the logging. Possible values are: TRACE, DEBUG, INFO, WARN, ERROR. The default value is WARN.

logging.file.location

This parameter defines the log file location. The default value is ${catalina.base}/logs. This is the folder of the Tomcat log files. To create Manager UI log files in the data directory of the web application use ${data.directory.location}/logs.

logging.file.prefix

This parameter defines the name of the log files. The default value is ct-secman-next.

Additional logging options are described in the default-application.properties file, for example to enable or disable logging into the console, into files, and GELF logging.