Security Parameters
Three parameters determine ‘Secure’ and ‘Non-Secure’ Modes of SICS API Server Start-up. The parameters act as overall switches for the authentication and authorization security functions.
The parameters are found in the web.xml file.
If SICS API Server is installed as described in
SICS API Server - Installation Guide, this file can be found (for Tomcat 10.x) in:
%CATALINA_HOME%/webapps/SicsServer/WEB-INF/web.xml.
The parameters are:
| Parameter name | Valid values | Default | Purpose | web.xml |
|---|---|---|---|---|
ApplyServerSecurity |
true/false |
false |
Indicates whether SICS API Server is running in secure mode or not. | <init-param> <param-name>ApplyServerSecurity</param-name> <param-value>false</param-value></init-param> |
AuthenticationTokenValidity |
hh:mm:ssMeaning hours: minutes: seconds Valid range of values for hh: 00-99, mm: 00-59, ss: 00-59 |
12:00:00 |
This is used to generate an expiration time stamp for the authentication token. Refer to the Authentication paragraph below. |
<init-param> <param-name>AuthenticationTokenValidity</param-name> <param-value>12:00:00</param-value></init-param> |
TokenKeyFile |
Fully qualified/relative path file name, file contents must be printable ASCII characters. Mandatory when ApplyServerSecurity is true. |
To contain the “secret” (as text) which is used for generating the digital signature for the authentication token. Refer to the Authentication paragraph below. NB! You need to change the content of the %LOCAL%/WEB-INF/tokenKey.txt if you use the standard location. |
<init-param> <param-name>TokenKeyFile</param-name> <param-value>%LOCAL%/WEB-INF/tokenKey.txt</param-value></init-param> |