You can use the genspacp utility to generate a sealed client-principal file for use with the single point of authentication service.
To use the utility:
1. Go to Windows Start > Programs, select Progress > OpenEdge > Proenv. A command shell window opens and displays information about your OpenEdge installation. The command at the prompt is:
-password: (Required) The domain password used to seal the client-principal object.
-user: (Optional) The user name set in the client-principal. The default name is BPSServer.
-domain: (Optional) The domain name set in the client-principal. The default domain name is OESPA.
-role: (Optional) The role set in the client-principal. The default role is SPAClient.
-file: (Optional) The name of the file to which the client-principal object is saved. The default file name is oespaclient.cp.
3. Do the following:
a. Copy the generated encoded password value to the Password property of the spaservice.properties file to use the client-principal. The property file is located in your installation directory at $DLC\src\samples\security.
b. Copy the generated client-principal file to the OEBPS_HOME\conf directory. By default, the client-principal is created in your working directory $WRKDIR.
c. In the umacl.conf file, update the oeauth.server.clientprincipal parameter value with the client-principal file name generated in the previous step. This client principal file is used to authorizes SPA clients. The umacl.conf file is located in the OEBPS_HOME\conf directory.
-password: (Required) The domain password used to seal the client-principal object.