Configuration of the Manager UI

This page contains the following sections:

Configuration files
Configuration parameters

Configuration files

Configuration files are processed by security.manager NEXT Manager UI web application in the following order:

WEB-INF/classes/default-application.properties (DO NOT EDIT)
This file contains all configuration options of the Manager UI with their default values.
WEB-INF/classes/custom-application.properties
If a change to the data directory (data.directory.location) is required, the change has to be made in this file. Any further changes have to be made in the following file.
[data.directory.location]/application.properties
Editing this file is the recommended way to make configuration changes. The default data directory (data.directory.location) of Manager UI is ${user.home}/.secman-next.

The format of the configuration files must correspond to the Java Properties file format .

Sample .properties file

# The files have to be UTF-8 encoded, otherwise special characters can lead to errors!
# A safe method is to use Unicode syntax e.g: ä = \u00E4 (see http://0xcc.net/jsescape/)

# comments use the hash sign

# the syntax is:
key = value

# a value can reference another key
key1 = http://${key.with.server}/test

Configuration parameters

General settings

This section describes the parameters that most often need to be changed in a standard installation. Further parameters are described in comments in the file WEB-INF/classes/default-application.properties.

data.directory.location

This parameter defines the data directory where tle local configuration of the Manager UI is stored. The default value is data.directory.location=${user.home}/.secman-next. In case the Tomcat server is running as a Windows service, the .secman-next directory is located in the user directory of the Tomcat user who started the service. Path separators must be specified as either / or \\.

Tomcat User on Windows

If no Tomcat user has been created, the Tomcat server runs with the system user (not recommended!). Depending how the Tomcat has been installed the user directory is created either under %systemroot%/config/systemprofile/.secman-next or %systemroot%/ServiceProfiles/LocalService/.secman-next.

A divergent data directory can be configured in the file WEB-INF/classes/custom-application.properties.

Application settings

policyManagement.arcgisServers: Comma-separated list of the ArcGIS Server instance base URLs. All instances have to be fedarated with the Portal defined as policyManagement.portalUrl.

Example: https://gis1.example.com:6443/arcgis,https://gis2.example.com:6443/arcgis

policyManagement.portalUrl: Base URL of the ArcGIS Portal installation that should be protected. The portal is used to authenticate users signing in to the Manager UI.

Example: https://gis.example.com:7443/portal

security.authn.oauth.clientId: The App ID under which the Manager UI has been registered at ArcGIS Portal.
proxy.cors.trustedServers: A comma separated list of trusted servers. This property is only required if ArcGIS Portal is configured to use Integrated Windows Authentication. The value is the same as that of policyManagement.portalUrl with the path removed from the the URL.

Example: https://gis.example.com:7443
client.config.defaultExpiresHeaderInDays: Sets time in days that the browser should consider the web app’s files unchanged and use cached files if available. Defaults to 0, so changes to application.properties are reflected without the need to clear the browser cache, for example. In a production deployment it is recommended to set this to 0.5 (12 hours). Setting this to -1 prevents the Manager UI to from setting a cache header.

Log settings

logging.logger.level: This parameter defines the level of detail for the logging. Possible values are: TRACE, DEBUG, INFO, WARN, ERROR. The default value is WARN.
logging.file.location: This parameter defines the log file location. The default value is ${catalina.base}/logs. This is the folder of the Tomcat log files. To create Manager UI log files in the data directory of the web application use ${data.directory.location}/logs.
logging.file.prefix: This parameter defines the name of the log files. The default value is ct-secman-next.

Additional logging options are described in the default-application.properties file, for example to enable or disable logging into the console, into files, and GELF logging.