Security Server Configuration Properties
You can view the following properties for the Lawson Security server through the Lawson Security Administrator. From the main screen of the Administrator, select Server Management, Server, and then select the Configuration tab.
The list that follows shows the available properties. If the property name is bolded, you can change the value.
| Property | Description |
|---|---|
| AUDIT | Set to ON or OFF to turn auditing on or off. If auditing is on, it will track the items listed for the AUDIT_TYPES parameter. |
| AUDIT_DATASRC | The location where audit data is stored. If you select DB, the data is stored in the LSAUDIT file in the LOGAN data area. If you select LDAP, the data is stored in the LDAP repository. The default is DB. Be aware that if you select LDAP, large amounts of data may be placed in the LDAP repository. |
| AUDIT_TYPES | The type of activities that will be monitored if you turn on auditing: ADD = adding security data for profiles, security classes, and rules; CHG = changing security data for profiles, security classes, and rules; DEL = deleting security data for profiles, security classes, and rules; DEN = denial of access, SSO = authentication attempt. |
| CACHING_INTERVAL |
Time in seconds that the system waits to check for updated security information. The default is 900 seconds (15 minutes). This parameter is intended to be configured only in test environments when, for example, you might you want and immediate response from the system about whether a security policy you are writing is working properly. You could, for example, change the interval to 60 seconds, in order to test a rule you have just written. For production environments, Lawson recommends retaining the default (900 seconds). Lower settings could have a negative impact on system performance. |
| CLEAR_CACHE_REQUEST | The date and time of the last request to clear the security cache. The date and time are in the format: yyyymmddhhmmss. |
| DEDICATED_HANDLERS | Set to TRUE or FALSE. If TRUE, then for each security request, a separate event handler is created that exists until the system is finished with the request. If FALSE, then the event handler for a request goes into a pool after finishing with each request, and is available for other requests. If you set this to FALSE, use the MAX_HANDLER_IDLETIME, MAX_CONN_BLOCK_TIME, MAX_HANDLER_COUNT, and MIN_HANDLER_COUNT parameters to control the event handler pool. TRUE generally results in faster performance but more intensive resource use. |
| DEFAULT_USER | Not used. |
| INSTALLEDTYPES |
Set to RM if you only have ProcessFlow Runtime. Set to RM, ERP if you also have Infor Lawson Core Technology. Note: There
must be no spaces in the value for this property.
|
| LAWDIR | The path for the directory on the application server for the Lawson applications, configuration files, and spooled print output. |
| LOCAL_EXECUTION | Not used. |
| LOGGING_LEVEL |
The level of detail for the information that is included in the security logging. The levels correspond as follows to the settings on the Auditing + Logging tab.
|
| LOGGING_USERS | The users that you have selected to audit. |
| LOG_DIR | The directory where the log files are located. |
| MAX_CONN_BLOCK_TIME | If DEDICATED_HANDLERS is set to FALSE, this is the amount of time in milliseconds until the pool of handlers becomes available. |
| MAX_HANDLER_COUNT | If DEDICATED_HANDLERS is set to FALSE, this is the maximum number of handlers in the pool. |
| MAX_HANDLER_IDLETIME | If DEDICATED_HANDLERS is set to FALSE, this is the time in milliseconds a handler should stay in the pool until the handler is stopped. |
| MIN_HANDLER_COUNT | If DEDICATED_HANDLERS is set to FALSE, this the minimum number of handlers in the pool. |
| MODIFIEDON | The most recent date and time security information was modified. |
| PRINTNETMSG | Set to TRUE to cause more verbose logging output. If set to TRUE, the maximum amount of information is sent to the ls<instancename>.log. Administrators must monitor the size of the log file if this parameter is set to TRUE. |
| RM_DS_NAME | Not used. |
| RM_DS_TYPE | Must be LARM. It refers to the Resource Management APIs used to access the Resource Management data source. |
| RM_MODIFIED_ON | The date and time Resource Management data was modified. The date and time are in the format: yyyymmddhhmmss. |
| ROOTDN | The LDAP node that is the root node for Lawson data o=lwsnrmmetaroot |
| SEC_DS_NAME | |
| SEC_DS_TYPE | Set to LDAP to indicate that security data is stored in LDAP. |
| SERVER_INSTANCE | Set by installation to "default." |
| TRACE | Indicates whether tracing has been turned on or off. |
| TRACE_DIR | The directory where trace files are located. |
| USERMODIFIED | The date and time that the last change was made to the security system. The date and time are in the format: yyyymmddhhmmss. |
| USE_SECURESOCKET |
If TRUE, SSL is used for transport of the password from Lawson Portal to LDAP. If FALSE, the password is sent as plain text using TCPIP. |