How to make configuration changes

From idenprotect Knowledge Base
Jump to: navigation, search

If you have not yet installed your application, please Start Here for idenprotect Core Platform, here for idenprotect Authentication Portal, here for idenprotect User Portal or here for idenprotect Active Directory Agent

There are articles for each type of configuration. To see how to change specific settings, please look at the articles in our Configuration Category

Ways to edit the configuration

Your idenprotect solution can be configured to tailor your requirements and there are two ways that the configuration can be edited: -

  • Changing parameters in the idenprotect Core Platform Admin Console (supported by idenprotect Core Platform and idenprotect Authentication Portal)
  • Editing the configuration files on the server file system using a text editor such as nano or vi (supported by all applications)

Editing in idenprotect Core Platform Admin Console

Config Tab
  1. Log in to idenprotect Core Platform Admin Console in https:\/\/<idenprotect.server.url>. See here if you have not logged in previously.
  2. Open the Config Tab
  3. Open a Configuration section
  4. Edit a value or multiple values
  5. Commit changes
  6. Restart server if required

Searching for Configuration in idenprotect Core Platform Admin Console

Search Config

All of the configuration items which can be found on the Admin Console are searchable. Simply go to the Config Tab, Click Search to open up the search field and start typing the configuration item you are looking for, this will automatically filter the configuration items. Once you've found the item you would like to edit, click on this and it will take you to the appropriate editor.

Editing in Command Line

  1. On the server file system, go to directory: -
    • idenprotect Core Platform configuration is located in /etc/idenprotect
    • idenprotect Authentication Portal configuration is located in /etc/idenprotect/idp
    • idenprotect User Portal configuration is located in /etc/idenprotect/userportal
    • idenprotect Active Directory Agent configuration is located in /etc/idenprotect/adsync
  1. Edit one of the .properties files
  2. Save changes
  3. Restart server if required

Configuring Passwords

From Version 3.12.0 onwards, passwords are saved to the database or to the properties files encrypted. If this is a fresh installation, the default passwords will already be encrypted. If you perform an upgrade with an existing installation, your plain text passwords will still be in the properties files. You can tell if your password property is encrypted as the property will look like ENC({encrypted text}).

If you wish to update the password or ensure it is encrypted, you will need to do this via the admin console as the encryption is performed on the server. If you are simply wanting to update your password to be encrypted, you may need to change it to something else first as the server will not allow you to update a password to the same value (regardless of encryption).

If you do not wish to use the encryption, you can overwrite the password in the properties file (ensuring it is not surrounded by ENC() ) with plain text.

Setting Properties Location for idenprotect Core Platform

By default, idenprotect Core Platform stores its configuration settings in a number of files under the following path: -


For this reason, the configuration articles will always refer to the properties file location as above. However, if you need to change this file path for any reason, you can do so by passing an additional parameter into the command to start the server. The parameter is called and it can be used as follows: -

java -jar idenprotect.jar

Note that if you are starting and stopping the idenprotect Core Platform using Linux commands, this extra parameter can be added to the idenprotect.conf file.

Advanced Configuration

For your convenience, some configuration (those that are not usually required to be amended) have been hidden. This should allow you to more easily find the configuration you are looking to amend. If you have seen a configuration item on one of our configuration articles that does not appear to be on the screen at first, please click the button at the bottom of the screen to Show Advanced Config. The table will expand and the advanced configuration will show underneath the other configuration for that screen. Showing/Hiding advanced configuration is a setting which will save between screens.

Storing properties in the Database with Database Replication

If you are using Database replication for a secondary idenprotect Core Platform installation, you may be storing some of your configurations in the database in order to allow a single configuration change to affect both installations. However, there may also be occasions where you want each installation to have its own unique behaviour. When editing a configuration in the idenprotect Admin Console, if that configuration has already been set to be stored in the database, you will be presented with an additional "is local" checkbox. Selecting this will store the property in the database alongside the specific Node ID of the idenprotect Core Platform installation you are using to make the change.

For more information see Config Sharing