Try OpenEdge Now
skip to main content
Business Process Portal Administrator's Guide
Managing users : Configuring user management : Using OEHybrid realm for Single Point of Authentication : Generating a sealed client-principal file
Generating a sealed client-principal file
You can use the genspacp utility to generate a sealed client-principal file for use with the single point of authentication service.
To use the utility:
1. Go to Windows Start > Programs, select Progress > OpenEdge > Proenv. A command shell window opens and displays information about your OpenEdge installation. The command at the prompt is:
2. Enter the following command:
genspacp -password <text> [-user <text> -domain <text> -role <text> -file <text>]
*-password: (Required) The domain password used to seal the client-principal object.
*-user: (Optional) The user name set in the client-principal. The default name is BPSServer.
*-domain: (Optional) The domain name set in the client-principal. The default domain name is OESPA.
*-role: (Optional) The role set in the client-principal. The default role is SPAClient.
*-file: (Optional) The name of the file to which the client-principal object is saved. The default file name is oespaclient.cp.
3. Do the following:
a. Copy the generated encoded password value to the Password property of the file to use the client-principal. The property file is located in your installation directory at $DLC\src\samples\security.
b. Copy the generated client-principal file to the OEBPS_HOME\conf directory. By default, the client-principal is created in your working directory $WRKDIR.
c. In the umacl.conf file, update the oeauth.server.clientprincipal parameter value with the client-principal file name generated in the previous step. This client principal file is used to authorizes SPA clients. The umacl.conf file is located in the OEBPS_HOME\conf directory.