Mobile configuration properties for IBM Connections 5.5
Configuration properties in the mobile-config.xml file control how users can interact with the Connections mobile app.
Modifying configuration properties
For information about how to modify a configuration property in the mobile-config.xml file, see the Changing Mobile configuration property values topic.- Enabled properties must have a value of either true or false.
- Number values must be integers.
You can modify the following configuration properties:
General properties
- AllowCopyandPaste
- Allows the copying and pasting of text throughout the application. The default value is true. To prevent copying and pasting, set this value to false.
- AllowiTunesSharing (iOS only)
- Allows documents to be shared when you sync your device with iTunes.
The default value is true.Note: This setting does not apply to the application log files.
- AllowRemoveAccount
- Enables users to delete
accounts on a device without having to first login, which includes
deleting accounts that are no longer used or for which the password
has been forgotten. Valid values are true and false. The
default value is false.
When you set this option to true, accounts can be removed from a mobile device without requiring the user to login and without any authorization check. The user is asked to confirm the deletion of an account before it is removed.
If there are multiple accounts on a mobile device, only the accounts for which AllowRemoveAccount is set to true can be deleted without having to login.
On iOS, When AllowRemoveAccount is set to true, users can swipe to delete the account from the accounts list. If AllowRemoveAccount is set to false for an account in the account list, a swipe to delete the account does nothing.
Note: If a user has existing accounts that they cannot access and that were created before this feature was available, those accounts cannot be deleted using the AllowRemoveAccount property. You can set an option in your Mobile Device Management (MDM) to allow the deletion of these accounts. Refer to MDM app configuration for more information. - DefaultApplication
- Specifies the application that is displayed when a user logs in.
The default value is Updates.
Other possible values are Activities, Blogs, Bookmarks, Communities, Files, Forums, Profiles, and Wikis. You can also specify an extension application name; for more information, see the Applying extensibility properties topic.
- ExposeEmailAddress
- Displays email addresses in Profiles. The default value is true. To prevent email addresses from being displayed in Profiles, set the value to false.
- ExposeGeoLocation
- Displays the geographic location of the user in the activity stream. The default value is true. To hide the geographic location, set the value to false.
- InactivityTimeout
- A timeout value, in minutes, that logs the user out of the client if no activity has taken place for the time period that is defined in this property. The default value is 0 minutes, which means that the user is never logged out because of inactivity.
- RequireDevicePasscode
This key is only supported on iOS. This key requires that a device passcode is set before a user can log in to a Connections server. Device passcodes are required in order to enable the data protection encryption feature used by the Connections app.
When this key is set to true:- A device passcode must be set before the user can log in to an account.
- If the passcode is removed from the device, data associated with accounts that have been previously used to log in will be wiped.
- RememberPassword
- Allows users to save their login password on the mobile device. The default value is true. To prevent passwords from being saved, set the value to false; this setting forces users to enter a password each time the Connections app is started.
- Updates
- Specifies where updates are displayed. Setting DisplayInLauncher to false hides
updates from the Home page. Setting Updates enabled to false hides
updates from the other applications in Connections.The following list shows an example of Updates properties:
<!-- START UPDATES SECTION --> <Updates enabled="true" displayInLauncher="true"> </Updates>
- WebClientAccess
- Allows users to access IBM® Connections
from their mobile device's microbrowser, instead of using the mobile
app. The default value is false. When you disable
web access, users who attempt to access the website see a message
that directs them to download the Connections native app. The URL
points to the marketplace appropriate for the user’s device.Tip: For a richer user experience, disable web client access.
- WebViewMixedContentMode
- Specifies whether mixed content, for example, SSL and non-SSL content, are allowed in a web
view. The following modes can be entered for this option:
- AlwaysAllow
- Mixed content is always allowed.
- NeverAllow
- Mixed content is never allowed.
- BrowserCompatibility
- This is the default mode. When specified, the web view attempts to be compatible with the approach of a modern web browser with regard to mixed content. The types of content that are allowed or blocked might change from release to release and are not explicitly defined.
Note: This option is only supported on Android devices. - MinAndroidAppLevel
- Specifies the minimum level of the Connections Android mobile app that is allowed to connect to the server. The default value is empty, which allows any version of the app to connect to the server.
- MiniOSAppLevel
- Specifies the minimum level of the Connections iOS mobile app that is allowed to connect to the server. The default value is empty, which allows any version of the app to connect to the server.
Activities properties
- enabled
- Enables the application by default. To disable the application, set the value to false.
- displayInLauncher
- Allows the application to be displayed in the Home page by default. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view; however, it is still visible within communities.
- PublicActivities
- Allows public activities to be shown. To hide public activities, set the value to false.
Blogs properties
- enabled
- Enables the application by default. To disable the application, set the value to false.
- displayInLauncher
- Allows the application to be displayed in the Home page by default. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view; however, it is still visible within communities.
- PublicBlogs
- Allows public blogs to be shown. To hide public blogs, set the value to false.
Bookmarks properties
- enabled
- Enables the application by default. To disable the application, set the value to false.
- displayInLauncher
- Allows the application to be displayed in the Home page by default. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view; however, it is still visible within communities.
- PublicBookmarks
- Allows public bookmarks to be shown. To hide public bookmarks, set the value to false.
Communities properties
- AllowAddMembers
- Allows people to be added to a community. The default value is true. Only community owners can add members.
- AllowCommunityOwnedFolders
- Allows folders that are owned by a community to be displayed. The default value is true.
- enabled
- Enables the application by default. To disable the application, set the value to false.
- displayInLauncher
- Allows the application to be displayed in the Home page by default. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view.
- PublicCommunities
- Allows public communities to be shown. To hide public communities, set the value to false.
Files properties
- enabled
- Enables the application by default. To disable the application, set the value to false.
- displayInLauncher
- Allows the application to be displayed in the Home page by default. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view; however, it is still visible within communities.
- PublicFiles
- Allows public files to be shown. To hide public files, set the value of this property to false.
- ShareWithPublic
- Allows files to be shared with everyone. The default value is true. To hide files from public view, set the value to false.
- AllowDownloads
- Allows files to be downloaded to a mobile device. The default value is true. To prevent downloads, set the value to false.
- AllowUploads
- Allows files to be uploaded from a mobile device. The default value is true. To prevent uploads, set the value to false. Files that are downloaded to a device from within Connections are encrypted using your device's operating system.
- AllowExport
- Allows files to be exported to specific folders on the device. The default value is true. To
prevent the exporting of files, set the value to false.
This property allows a file to be exported outside of the app's secure container. If this property is disabled, the file cannot be shared with other applications on the mobile device. On iOS, a setting of false would restrict files to being viewed by the built-in viewers. On Android, files would not be downloaded because there is no built-in viewer, meaning that files must be opened outside the app's secure container.
When the value is false:- A user cannot open a file from the IBM Connections™ app from other apps using the iOS Document Provider extension.
- AllowExportToDeviceGallery
- Allows files to be exported to the device gallery on the device. The default value is true. To prevent the exporting of files to the device gallery, set the value to false.
- AllowImport
- Allows files to be
imported from a third party app and uploaded using the IBM Connections app. The default value is
true.
When the value is true and no whitelist is specified by ImportWhitelist, then any third party app can import files into the IBM Connections app.
When the value is false:- Third party apps cannot import files into the IBM Connections app.
- Importing photos or videos from the device gallery is not allowed. However, photos can be taken with the camera and imported into the IBM Connections app.
- A user cannot save files from other apps using the iOS Document Provider extension.
- ImportWhitelist
- Specifies a whitelist, or list of apps, that are allowed to import files into the IBM Connections app. This value is only used if
AllowImport is set to true. The default value is no
whitelist.
This list is a comma-separated list of app IDs that can import and upload files using the IBM Connections app.
Note: Only supported on iOS. If AllowImport=true and a whitelist is specified, then only the 3rd party apps that are listed in ImportWhitelist are allowed to import files into the IBM Connections app.Taking a photo or video inside the IBM Connections app and uploading it is also allowed. To allow importing of photos and videos from the Camera roll, you must specify the Camera app, com.apple.camera, in the whitelist. To allow importing of photos and videos from the Photos app, you must specify the Photos app, com.apple.mobileslideshow, in the whitelist.
Note: The iOS Document Provider extension cannot honor the list of apps in the whitelist. iOS does not allow extensions to determine which app is launching the extension. Therefore, to protect the security of customers currently relying on the whitelist, our Document Provider extension does not allow any app to save files into IBM Connections. Users can continue to save files into IBM Connections from the whitelist of apps via methods other than the iOS Document Provider extension.
Forums properties
- enabled
- Enables the application by default. To disable the application, set the value to false.
- displayInLauncher
- Allows the application to be displayed in the Home page by default. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view; however, it is still visible within communities.
- PublicForums
- Allows public forums to be shown. To hide public forums, set the value to false.
Profiles properties
- AllowEditProfile
- By default, users can edit their profiles. To prevent the editing of profiles, set the value to false.
- displayInLauncher
- Allows the application to be displayed in the Home page. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view.
- enabled
- Enables the application by default. To disable the application, set the value to false.
- Upload
- By default, users can upload Profiles picture. To prevent the uploading of Profiles pictures, set the value to false.
Search properties
- GlobalSearch
- Enables global searching by default. To disable searching across all of IBM Connections, set the value to false. If the property is disabled, users can still search within individual Connections applications.
Surveys properties
- SurveysUrl
- Allows administrators to specify the context for the survey service if it is not the default of
/forms. For example:
<SurveysUrl>/surveys</SurveysUrl>
Wikis properties
- enabled
- Enables the application by default. To disable the application, set the value to false.
- displayInLauncher
- Allows the application to be displayed in the Home page by default. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view; however, it is still visible within communities.
- PublicWikis
- Public Wikis are shown. To hide public wikis, set the value to false.
Application customization properties
You can specify customized application labels and the AppName in a properties file. Give it a name such as the mobile.properties file, or similar. The file must be stored under the shared_data_directory_root/customization/strings directory.
appname.pluraltitle=IBM Connections
activities.singulartitle=Activity
activities.pluraltitle=Activities
blogs.singulartitle=Blog
blogs.pluraltitle=Blogs
bookmarks.singulartitle=Bookmark
bookmarks.pluraltitle=Bookmarks
communities.singulartitle=Community
communities.pluraltitle=Communities
files.singulartitle=File
files.pluraltitle=Files
forums.singulartitle=Forum
forums.pluraltitle=Forums
profiles.singulartitle=Profile
profiles.pluraltitle=Profiles
wikis.singulartitle=Wiki
wikis.pluraltitle=Wikis
For multiple locale support, create a properties file for each locale and store it in the same folder as the English-language properties file. For example, add a mobile_fr.properties file for the french locale.
- enabled
- App customizations are disabled by default. To enable them, set the value to true in the Customizations element.
- CustomizationLocation
- Specifies the name of the customization properties file.Note: Specify the file name without the .properties extension. For example, enter mobile, not mobile.properties.
- appname.title
- Represents the customized app name. If this property is not specified, the value of the Appname element in the mobile-config.xml file is used. However, that value is overridden by the appname.title property if it is specified in the properties file.
- ForegroundColor
- If you customize the IBM Connections app theme color using ThemeColor property, ForegroundColor allows you to customize the color of the text and icons that are displayed in areas where the theme color is shown. The value is a 6 character string that represents a hexadecimal color code. The default value is blank.Note: If an MDM is used to set this value, it overrides this ForegroundColor setting.Note: If a value is not specified for the ForegroundColor or ThemeColor property, the default app color is used.Note: ForegroundColor is only supported on iOS and Android.
- ThemeColor
- Allows you
to customize the main app theme color of the IBM Connections app.
The value is a 6 character string that represents a hexadecimal color
code. The default value is blank.
IBM Connections app colors are tied to the account. When a user logs out, the theme colors revert to the colors that are shipped with the IBM Connections app. When a theme color is not specified using ThemeColor, the theme colors shipped with the IBM Connections app are used.
Note: If an MDM is used to set this value, it overrides this ThemeColor setting.Note: If a value is not specified for the ForegroundColor or ThemeColor property, the default app color is used.Note: ThemeColor is only supported on iOS and Android.
appname.pluraltitle=IBM Connections
activities.singulartitle=Task
activities.pluraltitle=Tasks
blogs.singulartitle=ContentShare
blogs.pluraltitle=ContentShare
bookmarks.singulartitle=URL
bookmarks.pluraltitle=URLs
communities.singulartitle=Teamroom
communities.pluraltitle=Teamrooms
files.singulartitle=Document
files.pluraltitle=Documents
forums.singulartitle=GroupShare
forums.pluraltitle=GroupShares
homepage.singulartitle=Updates
homepage.pluraltitle= Updates
profiles.singulartitle=Blue Page
profiles.pluraltitle=Blue Pages
wikis.singulartitle=Wiki
wikis.pluraltitle=Wikis
Navigation Groups properties
The order of navigation entries in the Navigation Groups section determines the order in which navigation entries are shown in the navigation drawer in the client.
Edit this section to change the sequence of navigation groups in the client, to hide a navigation group, and to specify the applications that appear in a group. An application list can include extensions as well as the default Connections applications.
You can specify whether a navigation group is expanded or collapsed by default.
<!-- START NAVIGATION GROUPS SECTION -->
<NavigationGroups>
<NavigationGroup name ="Favorites">
<ApplicationsList>communities,wikis,activities</ApplicationsList>
<Expanded>false</Expanded>
<HideNavGroup>false</HideNavGroup>
</NavigationGroup>
<NavigationGroup name = "Updates">
<Expanded>true</Expanded>
<HideNavGroup>true</HideNavGroup>
</NavigationGroup>
<NavigationGroup name = "Applications">
<Expanded>true</Expanded>
<HideNavGroup>false</HideNavGroup>
<ApplicationsList>profiles,communities,files,filesync,wikis,activities,forums,blogs,bookmarks</ApplicationsList>
</NavigationGroup>
</NavigationGroups>
- NavigationGroup
- The name of a navigation group. The default groups are Favorites,
Updates, and Applications. You can add your own custom navigation
groups. For example:
<NavigationGroup name = "Our Extensions" label = "Our Extensions"> <Expanded>true</Expanded> <HideNavGroup>false</HideNavGroup> <ApplicationsList>Extension1,Extension2,Extension3</ApplicationsList> </NavigationGroup>
- Label
- Specify a label for a custom navigation group.
- Expanded
- Determines whether the navigation group is collapsed or expanded. The default value is true, meaning that the group is expanded. Users can change this setting in the client on their mobile device.
- HideNavGroup
- Determines whether the navigation group is hidden or displayed. The default value is false, meaning that the navigation group is displayed.
- ApplicationsList
- Determine the applications and extensions that appear in a navigation group. The order of applications in this list determines their display order in the client.
Geolocation reporting
<ReportLocation enable="true|false">
<URL></URL>
<Type>Time|Distance</Type>
<Value>n</Value>
</ReportLocation>
- ReportLocation enable
- Enables and disables geolocation reporting. The default value is false, which disables reporting.
- URL
- The URL used by the IBM Connections app
to post the GPS coordinates. If a URL is not specified, geolocation
reporting is disabled. The URL must point to a servlet that accepts
a POST request. The POST request contains the following parameters
that are formatted as json:
- userName
- The display name for the user.
- userId
- The user ID that is used to log in to the IBM Connections server.
- userLat
- The latitude of the user's location.
- userLong
- The longitude of the user's location.
An example of body data is shown in the following code:{"userName":"Amy Jones","userId":"ajones@mycompany.com","userLat":22.5780445,"userLong":88.48662609999997}
- Type
- If you specify Time, GPS coordinate updates are based on changes in time.
- If you specify Distance, GPS coordinate updates are based on changes in location.
- Value
- If Type=Time, specify how often, in minutes, the current GPS location is to be reported. The minimum time is 7 minutes. Any setting shorter than 7 minutes is automatically set to 7 minutes.
- If Type=Distance, specify how much the location needs to change, in meters, before a GPS location update is reported. The minimum distance is 500 meters. Any setting shorting than 500 meters is automatically set to 500 meters.
- The IBM Connections app must be running and logged in to the account where GPS reporting is enabled. When the user switches to another account or logs out of the account, the GPS reporting is stopped. On Android, if a user backs out of the IBM Connections app, GPS reporting stops.
- On iOS, for the GPS location information to be reported successfully, the end user must allow the IBM Connections app to access location information and allow the IBM Connections app to access location information when running in the background. The IBM Connections app cannot control the specific time that iOS schedules the update when running in the background. Therefore, when using Type=Distance, the reporting time might not be exact on iOS.
File Sync properties
<!-- START FILE SYNC SECTION -->
<FileSync enabled="true">
<InactiveDevicesPurgeThreshold>30</InactiveDevicesPurgeThreshold>
<AutoSync>true</AutoSync>
</FileSync>
<!-- START FILE DIFF SECTION -->
<FileDiff enabled="true">
<StoragePath>${MOBILE_CONTENT_DIR}</StoragePath>
<MaximumFileSize>512000</MaximumFileSize>
<MinimumFileSize>100</MinimumFileSize>
<MaximumDiffPercent>95</MaximumDiffPercent>
<MemCacheSize>20</MemCacheSize>
<ChecksumCacheSize>100</ChecksumCacheSize>
<ChecksumCachePruningInterval>30</ChecksumCachePruningInterval>
<DiffCacheSize>200</DiffCacheSize>
<DiffCachePruningInterval>10</DiffCachePruningInterval>
</FileDiff>
- FileSync enabled
- Enable or disable the File Sync extension by specifying a value of true or false.
- InactiveDevicesPurgeThreshold
- Defines a period during which a device did not trigger a file synchronization. When the limit is reached, the device is removed from the File Sync registry and the File Sync list on the device is purged. Specify a value in days.
- AutoSync
- Defines whether File Sync automatically synchronizes files. Specify a value of true or false. Specifies whether a user can designate a file to be synchronized automatically. If the value of this property is false, users must sync files manually. If the value is true, users can decide to specify manual or automatic synchronization. In this case, the default is automatic synchronization.
- FileDiff enabled
- Defines whether the File Diff function is enabled. File Diff computes the difference between any two versions of a file by using the rsync algorithm. The default value is true.
- StoragePath
- Defines the path to the directory where synchronized files are
stored. Specify this value by creating a WebSphere® variable that points to the directory.
For example: MOBILE_CONTENT_DIR. Note: Ensure that this directory is a child of the Files content store directory.
- MaximumFileSize
- Defines the maximum size of files that are updated differentially. Files that are bigger than this value are downloaded in full instead of being updated differentially. Specify a value in KB.
- MinimumFileSize
- Defines the minimum size of files that are updated differentially. Files that are smaller than this value are downloaded in full instead of being updated differentially. Specify a value in KB.
- MaximumDiffPercent
- Defines the size of the differential that determines whether a file is updated differentially or downloaded in its entirety. For example, if you specify a value of 95% and a file changes by more than 95%, the entire file is downloaded. If the file changes by less than 95%, only the differential is downloaded. Specify an integer value.
- ChecksumCacheSize
- Defines the amount of disk space that is reserved for storing the checksum cache. Checksums are used by the File Diff function. Specify a value in MB.
- ChecksumCachePruningInterval
- Defines the interval in days after which the checksum cache is purged. Specify an integer value.
- DiffCacheSize
- Defines the size of the cache that is used for storing the file differentials that are computed by the File Diff algorithm. Specify a value in MB.
- DiffCachePruningInterval
- Defines the interval in days after which the File Diff cache is purged. Specify an integer value.
Push Notifications properties
<!-- START PUSH NOTIFICATIONS SECTION -->
<Push enabled="false">
<!-- RetryAttempts : Max number of attempts for GCM/APNS to deliver a message. -->
<RetryAttempts>3</RetryAttempts>
<!-- RetryInterval : Initial retry interval in mins for Exponential Backoff -->
<RetryInterval>5</RetryInterval>
<!-- ExponentialBackOffLimit : Maximum limit in mins for Exponential Backoff after which retries only happen at the limit interval-->
<ExponentialBackOffLimit>60</ExponentialBackOffLimit>
<!-- PushNotificationReapInterval : Delete Notification from the persistent store beyond the reap interval in days.-->
<PushNotificationReapInterval>3</PushNotificationReapInterval>
<!-- Proxy Server Host and Port for Push Notifications -->
<ProxyHost></ProxyHost>
<ProxyPort>80</ProxyPort>
<!-- Android Specific Push Config -->
<GCM>
<!-- Number of persistent connections to the GCM service -->
<MaxPooledConnections>10</MaxPooledConnections>
<!-- The interval in seconds before pending messages are flushed -->
<MessageFlushInterval>15</MessageFlushInterval>
<!-- API Key needed by the server to send the Push Message to GCM -->
<GCMAPIKey></GCMAPIKey>
<!-- Sender Id needed by the Client to register itself with GCM -->
<GCMSenderId></GCMSenderId>
<!-- Proxy Http Client: The timeout in seconds used when requesting a connection from the connection manager/pool. -->
<ConnectionRequestTimeout>300</ConnectionRequestTimeout>
<!-- Proxy Http Client: The timeout in seconds to establish a connection with the Proxy Server. -->
<ConnectTimeout>100</ConnectTimeout>
<!-- Proxy Http Client: Defines the socket timeout in seconds, which is the timeout for waiting for data or, put differently, a maximum period inactivity between two consecutive data packets). -->
<SocketTimeout>300</SocketTimeout>
</GCM>
<!-- iOS Specific Push Config -->
<APNS>
<!-- Number of persistent connections to the APNS gateway -->
<MaxPooledConnections>10</MaxPooledConnections>
<!-- FeedbackServicesInterval - Interval in hours to retrieve the list of devices that reported failed-delivery -->
<FeedBackServicesInterval>24</FeedBackServicesInterval>
<!-- Play Sound on Message Arrival on the Device -->
<SoundAlert>true</SoundAlert>
</APNS>
</Push>
- Push enabled
- Enable or disable the Push Notifications service by specifying a value of true or false.
- RetryAttempts
- Defines the maximum number of times that the Apple Push Notification Service (APNS) or Google Cloud Messaging (GCM) tries to deliver a message.
- RetryInterval
- Defines the initial retry interval for Exponential Backoff. For example, if this property is set to 10, the server tries every 10 minutes to deliver a push notification until it succeeds. Specify a value in minutes. The default value is 5.
- ExponentialBackOffLimit
- Defines the limit in minutes for Exponential Backoff after which requests to the server are attempted at the intervals that are defined by this property. For example, if this property is set to 30, the server tries every 30 minutes to deliver a push notification until it succeeds. Specify a value in minutes. The default value is 60.
- PushNotificationReapInterval
- Defines the number of days after which an existing push notification is removed from the database. Specify a value in days. The default value is 3.
- ProxyHost
- Defines the hostname of the server where the proxy server resides.
- ProxyPort
- Defines the port number that the proxy server is using to listen for requests.
- APNS
- Defines extra Push Notifications properties for iOS devices.
- MaxPooledConnections
- Defines the number of persistent connections to the APNS gateway. Specify an integer value. The default value is 10.
- FeedBackServicesInterval
- Defines how often the server retrieves a list of devices that reported a failure to deliver a notification. Specify a value in hours.
- SoundAlert
- Defines whether a sound is played when a notification is received by the device. Specify a value of true or false.
- GCM
- Defines extra Push Notification properties that are used for Google Cloud Messaging (GCM) on Android devices.
- MaxPooledConnections
- Defines the number of persistent connections to the GCM service. Specify an integer value. The default value is 10.
- MessageFlushInterval
- Defines the interval after which pending messages are flushed. Specify a value in seconds.
- GCMAPIKey
- Defines the API Key that is used by the server to send a Push Notification to GCM. If no value is entered, the server uses a default account.
- GCMSenderId
- Defines the sender ID that is used by the mobile device to register itself with GCM. If no value is entered, the server uses a default account.
- ConnectionRequestTimeout
- Defines the timeout period in seconds for the proxy HTTP client when requesting a connection from the connection manager/pool.
- ConnectTimeout
- Defines the timeout period in seconds for the proxy HTTP client to establish a connection with the proxy server.
- SocketTimeout
- Defines the socket timeout period in seconds for the proxy HTTP client, which is the timeout period waiting for data, also known as the maximum allowed time of inactivity between two consecutive data packets.
Security management properties
To enable security management of the IBM Connections native apps, change the default value of the MobileAdmin property. For more information about administering security for the Mobile application, see the Configuring security for mobile topic.
- MobileAdmin
- Mobile security administration is disabled by default. To enable it, set the value of the MobileAdmin property to true.
- ServiceLocation
- Specifies the location of the security management service for Mobile. By default, the
ServiceLocation property is empty. An empty value indicates that the security management service is
collocated with the IBM Connections server. Provide the location of the mobile security management service (Mobile Security Management EAR ) in the format: https://hostname:<port number> if the mobile security management service is hosted on a separate domain. To verify that the service location has been specified correctly, check the device log file to verify that it contains the following line:
In case of failure, the following line is logged in the device log file:Received normal status code for access denial check with url <serviceLocation>/mobileAdmin/security?deviceId=<deviceId>&userId=<userId>
Service Location is incorrectly defined.Please make sure that the location starts with the https protocol when defined in the mobile config file. --> <ServiceLocation></ServiceLocation> </MobileAdmin>
Change the value of this property only if the security management service is deployed on a domain different from IBM Connections. For example, if IBM Connections is hosted at https://example.com and the security management service is hosted at https://example.org, change the value of the ServiceLocation property to https://example.org.
If you specify a domain for the security management service in this property, you must enable single sign-on between this domain and the IBM Connections domain.
Note: Disable the Mobile security administration by setting MobileAdmin to false if you are using an MDM such as MaaS360 or MobileIron.
Security properties
- AuthType
- Specifies the authentication type. Allowed values are SiteMinder, Form, Basic, and SPNEGO. There is no default value. When using SPNEGO, the iOS app supports SPNEGO with NTLM and SPNEGO with Kerberos. The Android app only supports SPNEGO with NTLM.
- enabled
- The security settings are disabled by default. To enable them, set the value to true.
- InfoPageNegativePathPattern
- Contains a regular expression that can be used to match the URL of a negative response page. The detection of the negative page indicates that the user did not accept the information page. When this URL pattern is matched, the user cannot open the app.
- InfoPagePathPattern
- Contains a regular expression that can be used to match the URL of the information page. The information page usually states the terms of using the website. Users must agree to the terms before they can proceed. When this URL pattern is matched, the user can open the app.
- InfoPagePositivePathPattern
- Contains a regular expression that can be used to match the URL of a positive response page. The detection of the positive page indicates that the user accepted the information page.
- LoginFormName
- Defines the login form name in the custom authentication form.
- LoginUrlContext
- Defines the login URL context for the custom authentication form.
- LoginErrorUrlContext
- Defines the error URL login context.
- PasswordFieldName
- Defines the password field name in the custom authentication form.
- RejectUntrustedCertificates
- When set to true, the app rejects any untrusted certificates that are presented to it and denies app access. The default value is false.
- UseridFieldName
- Defines the user field name in the custom authentication form.
- TermsOfUsageURL
- Specifies the address of a webpage that contains a Terms of
Usage statement for the Connections mobile app. The Connections
app displays the webpage during login and provides OK and Cancel links.
The user must confirm acceptance of the terms by tapping OK before
the login continues. If the user taps Cancel,
the login process is stopped and the app closes.
This setting provides a simple way for administrators to show a single Terms of Usage page that the user either accepts or rejects. If your Connections deployment requires a more sophisticated process, such as recording that the user accepted the agreement, use the InfoPagePathPattern setting.
Note: The webpage that is specified by this property is displayed before the user logs in. Therefore, do not specify a secure (https) page. - TermsOfUsagePromptAlways
- When set to true, the user is always shown terms of usage when they log
in to the app. The default value is true. Note: If RememberPassword is set to true, then terms of usage is shown when the user logs in for the first time, after the user logs out, or after the app is restarted. Terms of usage is not shown when the app automatically logs the user in due to the authentication token timing out.
If TermsOfUsagePromptAlways is set to false, the user only sees terms of usage the first time they log in to the app, or if the user logs in and the value of the TermsOfUsageURL has changed since the last time the user logged in. If you set TermsOfUsagePromptAlways to false, but you want to display terms of usage when its contents are updated, you must update a parameter on the URL each time you update the terms of usage contents. For example, set TermsOfUsageURL to http://mycompany.com/terms.html?v=1. If you update terms.html, you must change the value of TermsOfUsageURL to something else, such as http://mycompany.com/terms.html?v=2, so that the app displays terms of usage again.
App password policy properties
<AppPassword enabled=“true|false”>
<Type>Numeric|Alphabetic||Alphanumeric|Complex</Type>
<MinLength>nn</MinLength>
<MinLetters>nn</MinLetters>
<MinNumeric>nn</MinNumeric>
<MinNonLetters>nn</MinNonLetters>
<MinUpperCase>nn</MinUpperCase>
<MinLowerCase>nn</MinLowerCase>
<MinSymbols>nn</MinSymbols>
<Autolock>nn</Autolock>
<Expiration>nn</Expiration>
<History>nn</History>
<WipeFailures>nn</WipeFailures>
<AllowSequences>true|false</AllowSequences>
<AllowFingerprintAuthentication>true|false<AllowFingerprintAuthentication>
</AppPassword
>
- AppPassword enabled
- Enable or disable the app password policy by specifying a value of true or false. false is the default value.
- Type
- Required. Valid values include:
- Numeric
- Password can only contain numeric characters.
- Alphabetic
- Password can contain alphabetic characters and symbols but no numeric characters.
- Alphanumeric
- Password must contain at least one alphabetic character and one numeric character.
- Complex
- Password must contain at least one alphabetic character, one numeric character, and one special character.
- MinLength
- Optional. The minimum length requirement for the password. If Type is set to Numeric:
- On iOS, MinLength is set to 4.
- On Android, valid values for MinLength range from 4 to 8.
- MinLetters
- Optional. The minimum number of letters required for a complex password. This only applies to Complex password types. The default value is 1.
- MinNumeric
- Optional. The minimum number of numeric characters required for a complex password. This only applies to Complex password types. The default value is 1.
- MinNonLetters
- Optional. The minimum number of non-alphanumeric characters required for a complex password. This only applies to Complex password types. The default value is 1.
- MinUpperCase
- Optional. The minimum number of uppercase letters required for a complex password. This only applies to Complex password types. The default value is 0.
- MinLowerCase
- Optional. The minimum number of lowercase letters required for a complex password. This only applies to Complex password types. The default value is 0.
- MinSymbols
- Optional. The minimum number of symbols required for a complex password. This only applies to Complex password types. The default value is 1.
- Autolock
- Optional. A timeout value, in minutes, that requires the user to re-enter their password if no activity has taken place for the time period that is defined in this property. The default value is 0 (no autolock).
- Expiration
- Optional. The number of days that a password can be used before the user is required to change it. The default value is 0 (no password expiration).
- History
- Optional. The number of unique passwords required before reuse of a password is allowed. The default value is 0 (no history maintained).
- WipeFailures
- Optional. The number of times a user can enter an incorrect password before all data for the app is removed from the device. The default value is 0 (no wipe).
- AllowSequences
- Optional. Indicates if the password can contain ascending, descending, or repeating characters. Valid values include true and false. If set to false, the password cannot contain any repeating characters or 3 or more ascending or descending characters. The default value is true.
- AllowFingerprintAuthentication
- Optional. When enabled, and if the device supports fingerprint recognition, users can unlock the IBM Connections app using their fingerprint without having to enter their IBM Connections app password. Valid values include true and false. The default value is false, which disables using fingerprint authentication.
- Type values from most secure to least secure:
- Complex
- Alphanumeric
- Alphabetic
- Numeric
- The largest MinLength setting takes effect.
- The smallest Autolock setting takes effect.
- The smallest Expiration setting takes effect.
- The largest History setting takes effect.
- The smallest WipeFailures setting takes effect.
- AllowSequences=false overrides AllowSequences=true.
- AllowFingerprintAuthentication=false overrides AllowFingerprintAuthentication=true.
MAMRequired properties
- enabled
- Enables the Mobile Application Management requirement. To disable the requirement, set the value to false.
- MAMSignature
- The MAM Policy Signature which the app will validate against the MAM provider. For more information on using the MAM Required policy and how to generate the MAMSignature value see Configuring the Mobile Application Management Required policy for Connecetions Mobile.
Extensibility properties
Use these properties to add new applications to the Home page. For information about how to apply these properties, see the Applying extensibility properties topic.
- name
- Specifies a unique name for the application.
- enabled
- Shows or hides the application in the Home page by specifying true or false. The default value is true.
- ApplicationIcon
- Specifies the icon images for each operating system and density.
Images must be stored under the shared_data_directory_root/customization/mobile/images directory.
If this directory structure does not already exist, you must create
it. Copy your icons to the directory that is appropriate for each mobile operating system:
android/hdpi
- android/ldpi
- android/mdpi
android/xhdpi
- android/xxhdpi
- android/xxxhdpi
bb/hdpi
bb/ldpi
bb/mdpi
ios/reg
ios/retina
HPDI, MPDI, and LPDI correspond to high, medium, and low densities on Android. XHDPI, XXHDPI, and XXXHDPI describe extra-high density resolutions. HighDensity, MedDensity, and LowDensity correspond to the screen densities on BlackBerry. Reg and Retina are the screen densities on iOS.
(iOS only) You can find the default icons for Regular and Retina at the following location: node/installedApps/cell/Mobile.ear/mobile.web.war/extensibilityIcons. For information about the specifications for icons, see the Extensibility Icons for iOS topic.
Use the following standard image sizes for iOS icons:- Reg: 24 pixels x 24 pixels 72 pixels per inch
- Retina: 48 pixels x 48 pixels 72 pixels per inch
- DefaultLocation
- Specifies the location of an image for the web client. This location is typically the shared_data_directory_root/customization/mobile/images directory. This image is used if you do not specify an image for any of the density fields.
- ApplicationLabel
- Specifies a label for the new application. The label is displayed on the Home page.
- ApplicationURL
- Specifies the web address of the application or the native app
URI for the application. IBM Connections
uses this URL to start the new application.Note: Users might be prompted to enter their credentials again because single sign-on between the Connections mobile app and other mobile apps, such as IBM Sametime®, is not supported.
<Applications>
<Application name="ApplicationName" enabled="true">
<ApplicationIcon>
<Android>
<Hdpi>/images/ibmhdpi.jpg</Hdpi>
<Mdpi>/images/ibmmdpi.jpg</Mdpi>
<Ldpi>/images/ibmldpi.jpg</Ldpi>
</Android>
<IOS>
<Reg>reg</Reg>
<Retina>retina</Retina>
</IOS>
<BB>
<HighDensity></HighDensity>
<MedDensity></MedDensity>
<LowDensity></LowDensity>
</BB>
<DefaultLocation>/images/ibm50.jpg</DefaultLocation>
</ApplicationIcon>
<ApplicationLabel>IBM</ApplicationLabel>
<ApplicationURL>http://www.ibm.com</ApplicationURL></>
</Application>
</Applications>
<ApplicationsList>profiles,communities,files,filesync,wikis,activities,forums,blogs,bookmarks,Instant Messaging</ApplicationsList>