Mobile configuration properties for HCL Connections™ 6.5
Configuration properties in the mobile-config.xml file control how users can interact with the Connections mobile app.
Modifying configuration properties
For information about how to modify a configuration property in the mobile-config.xml file, see the Changing Mobile configuration property values topic.- Enabled properties must have a value of either true or false.
- Number values must be integers.
You can modify the following configuration properties:
General properties
- AllowCopyandPaste
- Allows the copying and pasting of text throughout the application. The default value is true. To prevent copying and pasting, set this value to false.
- AllowEditor
- Allows a mobile user to edit Connections files using the HCL Connections Editor mobile app for iOS and Android devices. The default value is true.
- AllowEmailing
- Enables
mailto
tags within Connections content. If this option is disabled,mailto
tags will still be visible, but clicking the link will result in a message indicating that email from the Connections Mobile app has been disabled. - AllowiTunesSharing (iOS only)
- Allows documents to be shared when you sync your device with iTunes. The default value is true. Note that this setting does not apply to the application log files.
- AllowPrint (iOS only)
- Allows user to print content from the HCL Connections app wherever the print option is available. Valid values are true and false. The default value is true.
- AllowRemoveAccount
- Enables users to delete accounts on a device without having to first login, which includes
deleting accounts that are no longer used or for which the password has been forgotten. Valid values
are true and false. The default value is
false.
When you set this option to true, accounts can be removed from a mobile device without requiring the user to login and without any authorization check. The user is asked to confirm the deletion of an account before it is removed.
If there are multiple accounts on a mobile device, only the accounts for which AllowRemoveAccount is set to true can be deleted without having to login.
On iOS, When AllowRemoveAccount is set to true, users can swipe to delete the account from the accounts list. If AllowRemoveAccount is set to false for an account in the account list, a swipe to delete the account does nothing.
Note: If a user has existing accounts that they cannot access and that were created before this feature was available, those accounts cannot be deleted using the AllowRemoveAccount property. You can set an option in your Mobile Device Management (MDM) to allow the deletion of these accounts. Refer to Mobile Device Management (MDM) for more information. - CustomHelpURL
-
Allows to specify custom help option within HCL Connections™ app for logged in users. Once configured and the mobile user logs into their account, this option is available under My Account > Help and Support section in HCL Connections™ app.
The following snippet shows an example of how you can specify CustomHelpURL:
<genericProperty name="CustomHelpURL">https://www.hcl.com</genericProperty>
If specified domain/subdomain patterns for URL matches the External Browser Domain configurations, then Custom Help URL should use an external browser instead of the embedded browser within the HCL Connections mobile app.
Note: If the specified url is a deep link or a universal link that is supported by a native application and is installed on user's device, this will open the native application instead of an external browser. - DefaultApplication
- Specifies the application that is displayed when a user logs in. The default value is
Updates.
Other possible values are Activities, Blogs, Bookmarks, Communities, Files, Forums, Profiles, and Wikis. You can also specify an extension application name; for more information, see the Applying extensibility properties topic.
- DefaultNavigationOrder
- This key controls the initial order of the Connections apps in the main app navigation. The value is a list of Connection app identifiers. Valid values for the Connections apps are updates, communities, files, profiles, favorites, blogs, forums, wikis, offlinefiles, activities, and bookmarks. Also, if you add in application extensions you can specify the application extension unique name in the list. Review Applying extensibility properties for more information.
- ExposeEmailAddress
- Displays email addresses in Profiles. The default value is true. To prevent email addresses from being displayed in Profiles, set the value to false.
- ExposeGeoLocation
- Displays the geographic location of the user in the activity stream. The default value is true. To hide the geographic location, set the value to false.
- InactivityTimeout
- A timeout value, in minutes, that logs the user out of the client if no activity has taken place for the time period that is defined in this property. The default value is 0 minutes, which means that the user is never logged out because of inactivity.
- MinAndroidAppLevel
- Specifies the minimum level of the Connections Android mobile app that is allowed to connect to the server. The default value is empty, which allows any version of the app to connect to the server.
- MiniOSAppLevel
- Specifies the minimum level of the Connections iOS mobile app that is allowed to connect to the server. The default value is empty, which allows any version of the app to connect to the server.
- ProblemReportEmail
- Specify the email address to use for reporting problems and feedback from the Connections Mobile app. The default email address is heyhcl@pnp-hcl.com. This option is available starting with HCL Connections 6.0 CR3.
- RememberPassword
-
Allows users to save their login password on the mobile device. The default value is true. To prevent passwords from being saved, set the value to false; this setting forces users to enter a password each time the Connections app is started.
Note: This option is ignored when AuthType is set to OAuth. - RequireDevicePasscode
-
This key is only supported on iOS. This key requires that a device passcode is set before a user can log in to a Connections server. Device passcodes are required in order to enable the data protection encryption feature used by the Connections app.
When this key is set to true:- A device passcode must be set before the user can log in to an account.
- If the passcode is removed from the device, data associated with accounts that have been previously used to log in will be wiped.
- Updates
- Specifies where updates are displayed. Setting DisplayInLauncher to false hides
updates from the Home page. Setting Updates enabled to false hides
updates from the other applications in Connections.The following list shows an example of Updates properties:
<!-- START UPDATES SECTION --> <Updates enabled="true" displayInLauncher="true"> </Updates>
- WebViewMixedContentMode
- Specifies whether mixed content, for example, SSL and non-SSL content, are allowed in a web
view. The following modes can be entered for this option:
- AlwaysAllow
- Mixed content is always allowed.
- NeverAllow
- Mixed content is never allowed.
- BrowserCompatibility
- This is the default mode. When specified, the web view attempts to be compatible with the approach of a modern web browser with regard to mixed content. The types of content that are allowed or blocked might change from release to release and are not explicitly defined.
Note: This option is only supported on Android devices.
Activities properties
- displayInLauncher
- Allows the application to be displayed in the Home page by default. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view; however, it is still visible within communities.
- enabled
- Enables the application by default. To disable the application, set the value to false.
- PublicActivities
- Allows public activities to be shown. To hide public activities, set the value to false.
Blogs properties
- displayInLauncher
- Allows the application to be displayed in the Home page by default. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view; however, it is still visible within communities.
- enabled
- Enables the application by default. To disable, set the value to false.
- PublicBlogs
- Allows public blogs to be shown. To hide public blogs, set the value to false.
Bookmarks properties
- displayInLauncher
- Allows the application to be displayed in the Home page by default. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view; however, it is still visible within communities.
- enabled
- Enables the application by default. To disable the application, set the value to false.
- PublicBookmarks
- Allows public bookmarks to be shown. To hide public bookmarks, set the value to false.
Communities properties
- AllowAddMembers
- Allows people to be added to a community. The default value is true. Only community owners can add members.
- AllowCommunityForumCreation
- Allows owners of a community to create forums within that community. Default value is false.
- AllowCommunityOwnedFolders
- Allows folders that are owned by a community to be displayed. The default value is true.
- displayInLauncher
- Allows the application to be displayed in the Home page by default. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view.
- enabled
- Enables the application by default. To disable the application, set the value to false.
- PublicCommunities
- Allows public communities to be shown. To hide public communities, set the value to false.
Files properties
- AllowDownloads
- Allows files to be downloaded to a mobile device. The default value is true. To prevent downloads, set the value to false.
- AllowExport
- Allows files to be exported to specific folders on the device. The default value is true. To
prevent the exporting of files, set the value to false.
This property allows a file to be exported outside of the app's secure container. If this property is disabled, the file cannot be shared with other applications on the mobile device. On iOS, a setting of false would restrict files to being viewed by the built-in viewers. On Android, files would not be downloaded because there is no built-in viewer, meaning that files must be opened outside the app's secure container.
When the value is false:- A user cannot open a file from the HCL Connections™ app from other apps using the iOS Document Provider extension.
- AllowExportToDeviceGallery
- Allows files to be exported to the device gallery on the device. The default value is true. To prevent the exporting of files to the device gallery, set the value to false.
- AllowImport
- Allows files to be imported from a third party app and uploaded using the HCL Connections™ app. The default value is
true.
When the value is true and no whitelist is specified by ImportWhitelist, then any third party app can import files into the HCL Connections™ app.
When the value is false:- Third party apps cannot import files into the HCL Connections™ app.
- Importing photos or videos from the device gallery is not allowed. However, photos can be taken with the camera and imported into the HCL Connections™ app.
- A user cannot save files from other apps using the iOS Document Provider extension.
- AllowUploads
- Allows files to be uploaded from a mobile device. The default value is true. To prevent uploads, set the value to false. Files that are downloaded to a device from within Connections are encrypted using your device's operating system.
- displayInLauncher
- Allows the application to be displayed in the Home page by default. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view; however, it is still visible within communities.
- enabled
- Enables the application by default. To disable the application, set the value to false.
- ImportWhitelist
- Specifies a whitelist, or list of apps, that are allowed to import files into the HCL Connections™ app. This value is only used if
AllowImport is set to true. The default value is no
whitelist.
This list is a comma-separated list of app IDs that can import and upload files using the HCL Connections™ app.
Note: Only supported on iOS. If AllowImport=true and a whitelist is specified, then only the 3rd party apps that are listed in ImportWhitelist are allowed to import files into the HCL Connections™ app.Taking a photo or video inside the HCL Connections™ app and uploading it is also allowed. To allow importing of photos and videos from the Camera roll, you must specify the Camera app, com.apple.camera, in the whitelist. To allow importing of photos and videos from the Photos app, you must specify the Photos app, com.apple.mobileslideshow, in the whitelist.
Note: The iOS Document Provider extension cannot honor the list of apps in the whitelist. iOS does not allow extensions to determine which app is launching the extension. Therefore, to protect the security of customers currently relying on the whitelist, our Document Provider extension does not allow any app to save files into HCL Connections™. Users can continue to save files into HCL Connections™ from the whitelist of apps via methods other than the iOS Document Provider extension. - PublicFiles
- Allows public files to be shown. To hide public files, set the value of this property to false.
- ShareWithPublic
- Allows files to be shared with everyone. The default value is true. To hide files from public view, set the value to false.
Forums properties
- AllowForumCreation
- Allows forums to be created. To allow users to create forums, set the value to true.
- displayInLauncher
- Allows the application to be displayed in the Home page by default. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view; however, it is still visible within communities.
- enabled
- Enables the application by default. To disable the application, set the value to false.
- PublicForums
- Allows public forums to be shown. To hide public forums, set the value to false.
Profiles properties
- AllowEditProfile
- By default, users can edit their profiles. To prevent the editing of profiles, set the value to false.
- displayInLauncher
- Allows the application to be displayed in the Home page. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view.
- Upload
- By default, users can upload Profiles picture. To prevent the uploading of Profiles pictures, set the value to false.
Search properties
- GlobalSearch
- Enables global searching by default. To disable searching across all of HCL® Connections, set the value to false. If the property is disabled, users can still search within individual Connections applications.
Surveys properties
- SurveysUrl
- Allows administrators to specify the context for the survey service if it is not the default of
/forms. For example:
<SurveysUrl>/surveys</SurveysUrl>
Wikis properties
- displayInLauncher
- Allows the application to be displayed in the Home page by default. To hide it, set the value to false. When this property is set to false, the application is not visible from the navigation view; however, it is still visible within communities.
- enabled
- Enables the application by default. To disable the application, set the value to false.
- PublicWikis
- Public Wikis are shown. To hide public wikis, set the value to false.
Application customization properties
You can specify customized application labels in a properties file. Give it a name such as the mobile.properties file, or similar. The file must be stored under the shared_data_directory_root/customization/strings directory.
activities.singulartitle=Activity
activities.pluraltitle=Activities
blogs.singulartitle=Blog
blogs.pluraltitle=Blogs
bookmarks.singulartitle=Bookmark
bookmarks.pluraltitle=Bookmarks
communities.singulartitle=Community
communities.pluraltitle=Communities
files.singulartitle=File
files.pluraltitle=Files
forums.singulartitle=Forum
forums.pluraltitle=Forums
profiles.singulartitle=Profile
profiles.pluraltitle=Profiles
wikis.singulartitle=Wiki
wikis.pluraltitle=Wikis
For multiple locale support, create a properties file for each locale and store it in the same folder as the English-language properties file. For example, add a mobile_fr.properties file for the french locale.
- CustomizationLocation
- Specifies the name of the customization properties file.Note: Specify the file name without the .properties extension. For example, enter mobile, not mobile.properties.
- enabled
- App customizations are disabled by default. To enable them, set the value to true in the Customizations element.
- ForegroundColor
- If you customize the HCL Connections™ app theme color using ThemeColor property, ForegroundColor allows you to customize the color of the text and icons that are displayed in areas where the theme color is shown. The value is a 6 character string that represents a hexadecimal color code. The default value is blank.Note: If an MDM is used to set this value, it overrides this ForegroundColor setting.Note: If a value is not specified for the ForegroundColor or ThemeColor property, the default app color is used.Note: ForegroundColor is only supported on iOS and Android.
- ThemeColor
- Allows you to customize the main app theme color of the HCL Connections™ app. The value is a 6 character
string that represents a hexadecimal color code. The default value is blank.
HCL Connections™ app colors are tied to the account. When a user logs out, the theme colors revert to the colors that are shipped with the HCL Connections™ app. When a theme color is not specified using ThemeColor, the theme colors shipped with the HCL Connections™ app are used.
Note:- If an MDM is used to set this value, it overrides this ThemeColor setting.
- If a value is not specified for the ForegroundColor or ThemeColor property, the default app color is used.
- ThemeColor is only supported on iOS and Android.
activities.singulartitle=Task
activities.pluraltitle=Tasks
blogs.singulartitle=ContentShare
blogs.pluraltitle=ContentShare
bookmarks.singulartitle=URL
bookmarks.pluraltitle=URLs
communities.singulartitle=Teamroom
communities.pluraltitle=Teamrooms
files.singulartitle=Document
files.pluraltitle=Documents
forums.singulartitle=GroupShare
forums.pluraltitle=GroupShares
homepage.singulartitle=Updates
homepage.pluraltitle= Updates
profiles.singulartitle=Blue Page
profiles.pluraltitle=Blue Pages
wikis.singulartitle=Wiki
wikis.pluraltitle=Wikis
Geolocation reporting
<ReportLocation enable="true|false">
<URL></URL>
<Type>Time|Distance</Type>
<Value>n</Value>
</ReportLocation>
- ReportLocation enable
- Enables and disables geolocation reporting. The default value is false, which disables reporting.
- URL
- The URL used by the HCL Connections™ app
to post the GPS coordinates. If a URL is not specified, geolocation
reporting is disabled. The URL must point to a servlet that accepts
a POST request. The POST request contains the following parameters
that are formatted as json:
- userName
- The display name for the user.
- userId
- The user ID that is used to log in to the HCL Connections™ server.
- userLat
- The latitude of the user's location.
- userLong
- The longitude of the user's location.
An example of body data is shown in the following code:{"userName":"Amy Jones","userId":"ajones@mycompany.com","userLat":22.5780445,"userLong":88.48662609999997}
- Type
- If you specify Time, GPS coordinate updates are based on changes in time.
- Value
- If Type=Time, specify how often, in minutes, the current GPS location is to be reported. The minimum time is 7 minutes. Any setting shorter than 7 minutes is automatically set to 7 minutes.
- The HCL Connections™ app must be running and logged in to the account where GPS reporting is enabled. When the user switches to another account or logs out of the account, the GPS reporting is stopped. On Android, if a user backs out of the HCL Connections™ app, GPS reporting stops.
- On iOS, for the GPS location information to be reported successfully, the end user must allow the HCL Connections™ app to access location information and allow the HCL Connections™ app to access location information when running in the background. The HCL Connections™ app cannot control the specific time that iOS schedules the update when running in the background. Therefore, when using Type=Distance, the reporting time might not be exact on iOS.
File Sync properties
<!-- START FILE SYNC SECTION -->
<FileSync enabled="true">
<InactiveDevicesPurgeThreshold>30</InactiveDevicesPurgeThreshold>
<AutoSync>true</AutoSync>
</FileSync>
<!-- START FILE DIFF SECTION -->
<FileDiff enabled="true">
<StoragePath>${MOBILE_CONTENT_DIR}</StoragePath>
<MaximumFileSize>512000</MaximumFileSize>
<MinimumFileSize>100</MinimumFileSize>
<MaximumDiffPercent>95</MaximumDiffPercent>
<MemCacheSize>20</MemCacheSize>
<ChecksumCacheSize>100</ChecksumCacheSize>
<ChecksumCachePruningInterval>30</ChecksumCachePruningInterval>
<DiffCacheSize>200</DiffCacheSize>
<DiffCachePruningInterval>10</DiffCachePruningInterval>
</FileDiff>
- FileSync enabled
- Enable or disable the File Sync extension by specifying a value of true or false.
- InactiveDevicesPurgeThreshold
- Defines a period during which a device did not trigger a file synchronization. When the limit is reached, the device is removed from the File Sync registry and the File Sync list on the device is purged. Specify a value in days.
- AutoSync
- Defines whether File Sync automatically synchronizes files. Specify a value of true or false. Specifies whether a user can designate a file to be synchronized automatically. If the value of this property is false, users must sync files manually. If the value is true, users can decide to specify manual or automatic synchronization. In this case, the default is automatic synchronization.
- ChecksumCachePruningInterval
- Defines the interval in days after which the checksum cache is purged. Specify an integer value.
- ChecksumCacheSize
- Defines the amount of disk space that is reserved for storing the checksum cache. Checksums are used by the File Diff function. Specify a value in MB.
- DiffCacheSize
- Defines the size of the cache that is used for storing the file differentials that are computed by the File Diff algorithm. Specify a value in MB.
- DiffCachePruningInterval
- Defines the interval in days after which the File Diff cache is purged. Specify an integer value.
- FileDiff enabled
- Defines whether the File Diff function is enabled. File Diff computes the difference between any two versions of a file by using the rsync algorithm. The default value is true.
- StoragePath
- Defines the path to the directory where synchronized files are stored. Specify this value by
creating a WebSphere® variable that points to the
directory. For example: MOBILE_CONTENT_DIR. Important: Ensure that this directory is a child of the Files content store directory.
- MaximumFileSize
- Defines the maximum size of files that are updated differentially. Files that are bigger than this value are downloaded in full instead of being updated differentially. Specify a value in KB.
- MaximumDiffPercent
- Defines the size of the differential that determines whether a file is updated differentially or downloaded in its entirety. For example, if you specify a value of 95% and a file changes by more than 95%, the entire file is downloaded. If the file changes by less than 95%, only the differential is downloaded. Specify an integer value.
- MinimumFileSize
- Defines the minimum size of files that are updated differentially. Files that are smaller than this value are downloaded in full instead of being updated differentially. Specify a value in KB.
Push Notifications properties
<!-- START PUSH NOTIFICATIONS SECTION -->
<Push enabled="false">
<!-- RetryAttempts : Max number of attempts for GCM/APNS to deliver a message. -->
<RetryAttempts>3</RetryAttempts>
<!-- RetryInterval : Initial retry interval in mins for Exponential Backoff -->
<RetryInterval>5</RetryInterval>
<!-- ExponentialBackOffLimit : Maximum limit in mins for Exponential Backoff after which retries only happen at the limit interval-->
<ExponentialBackOffLimit>60</ExponentialBackOffLimit>
<!-- PushNotificationReapInterval : Delete Notification from the persistent store beyond the reap interval in days.-->
<PushNotificationReapInterval>3</PushNotificationReapInterval>
<!-- Proxy Server Host and Port for Push Notifications -->
<ProxyHost></ProxyHost>
<ProxyPort>80</ProxyPort>
<!-- Android Specific Push Config -->
<GCM>
<!-- Number of persistent connections to the GCM service -->
<MaxPooledConnections>10</MaxPooledConnections>
<!-- The interval in seconds before pending messages are flushed -->
<MessageFlushInterval>15</MessageFlushInterval>
<!-- API Key needed by the server to send the Push Message to GCM -->
<GCMAPIKey></GCMAPIKey>
<!-- Sender Id needed by the Client to register itself with GCM -->
<GCMSenderId></GCMSenderId>
<!-- Proxy Http Client: The timeout in seconds used when requesting a connection from the connection manager/pool. -->
<ConnectionRequestTimeout>300</ConnectionRequestTimeout>
<!-- Proxy Http Client: The timeout in seconds to establish a connection with the Proxy Server. -->
<ConnectTimeout>100</ConnectTimeout>
<!-- Proxy Http Client: Defines the socket timeout in seconds, which is the timeout for waiting for data or, put differently, a maximum period inactivity between two consecutive data packets). -->
<SocketTimeout>300</SocketTimeout>
</GCM>
<!-- iOS Specific Push Config -->
<APNS>
<!-- Number of persistent connections to the APNS gateway -->
<MaxPooledConnections>10</MaxPooledConnections>
<!-- FeedbackServicesInterval - Interval in hours to retrieve the list of devices that reported failed-delivery -->
<FeedBackServicesInterval>24</FeedBackServicesInterval>
<!-- Play Sound on Message Arrival on the Device -->
<SoundAlert>true</SoundAlert>
</APNS>
</Push>
- Push enabled
- Enable or disable the Push Notifications service by specifying a value of true or false.
- RetryAttempts
- Defines the maximum number of times that the Apple Push Notification Service (APNS) or Google Cloud Messaging (GCM) tries to deliver a message.
- RetryInterval
- Defines the initial retry interval for Exponential Backoff. For example, if this property is set to 10, the server tries every 10 minutes to deliver a push notification until it succeeds. Specify a value in minutes. The default value is 5.
- ExponentialBackOffLimit
- Defines the limit in minutes for Exponential Backoff after which requests to the server are attempted at the intervals that are defined by this property. For example, if this property is set to 30, the server tries every 30 minutes to deliver a push notification until it succeeds. Specify a value in minutes. The default value is 60.
- PushNotificationReapInterval
- Defines the number of days after which an existing push notification is removed from the database. Specify a value in days. The default value is 3.
- ProxyHost
- Defines the hostname of the server where the proxy server resides.
- ProxyPort
- Defines the port number that the proxy server is using to listen for requests.
- APNS
- Defines extra Push Notifications properties for iOS devices.
- MaxPooledConnections
- Defines the number of persistent connections to the APNS gateway. Specify an integer value. The default value is 10.
- FeedBackServicesInterval
- Defines how often the server retrieves a list of devices that reported a failure to deliver a notification. Specify a value in hours.
- SoundAlert
- Defines whether a sound is played when a notification is received by the device. Specify a value of true or false.
- GCM
- Defines extra Push Notification properties that are used for Google Cloud Messaging (GCM) on Android devices.
- MaxPooledConnections
- Defines the number of persistent connections to the GCM service. Specify an integer value. The default value is 10.
- MessageFlushInterval
- Defines the interval after which pending messages are flushed. Specify a value in seconds.
- GCMAPIKey
- Defines the API Key that is used by the server to send a Push Notification to GCM. If no value is entered, the server uses a default account.
- GCMSenderId
- Defines the sender ID that is used by the mobile device to register itself with GCM. If no value is entered, the server uses a default account.
- ConnectionRequestTimeout
- Defines the timeout period in seconds for the proxy HTTP client when requesting a connection from the connection manager/pool.
- ConnectTimeout
- Defines the timeout period in seconds for the proxy HTTP client to establish a connection with the proxy server.
- SocketTimeout
- Defines the socket timeout period in seconds for the proxy HTTP client, which is the timeout period waiting for data, also known as the maximum allowed time of inactivity between two consecutive data packets.
Security management properties
To enable security management of the HCL® Connections native apps, change the default value of the MobileAdmin property. For more information about administering security for the Mobile Server application, see the Configuring security for mobile topic.
- MobileAdmin
- Mobile security administration is disabled by default. To enable it, set the value of the MobileAdmin property to true.
- ServiceLocation
- Specifies the location of the security management service for Mobile. By default, the
ServiceLocation property is empty. An empty value indicates that the security management service is
collocated with the HCL® Connections server. Provide the location of the mobile security management service (Mobile Security Management EAR ) in the format: https://hostname:<port number> if the mobile security management service is hosted on a separate domain. To verify that the service location has been specified correctly, check the device log file to verify that it contains the following line:
In case of failure, the following line is logged in the device log file:Received normal status code for access denial check with url <serviceLocation>/mobileAdmin/security?deviceId=<deviceId>&userId=<userId>
Service Location is incorrectly defined.Please make sure that the location starts with the https protocol when defined in the mobile config file. --> <ServiceLocation></ServiceLocation> </MobileAdmin>
Change the value of this property only if the security management service is deployed on a domain different from HCL® Connections. For example, if HCL® Connections is hosted at https://example.com and the security management service is hosted at https://example.org, change the value of the ServiceLocation property to https://example.org.
If you specify a domain for the security management service in this property, you must enable single sign-on between this domain and the HCL® Connections domain.
Note: Disable the Mobile security administration by setting MobileAdmin to false if you are using an MDM such as MaaS360 or MobileIron.
Security properties
- AccountServerURL
-
Optional. A fully qualified Connections Mobile Server domain name and URL path that must be used by all Connections Mobile Server applications connecting to this server. If this value is set and a Mobile Server application connects to this server without using the same hostname and URL path, then the Mobile Server application will automatically migrate its account to use the Server URL provided here. Do not provide this value unless you require account migration from one URL to another.
For example: https://connections.example.com/mobile
In the preceding example, if a user has configured their Connections Mobile account to use anything other than https://connections.example.com/mobile, then when they connect to this server they will be prompted to automatically migrate the mobile configuration to use https://connections.example.com/mobile as the Connections server.
- AuthType
- Specifies the authentication type. Allowed values are SiteMinder, Form, Basic, SPNEGO, and OAuth. There is no default value. When using SPNEGO, the iOS app supports SPNEGO with NTLM and SPNEGO with Kerberos. The Android app only supports SPNEGO with NTLM.
- enabled
- The security settings are disabled by default. To enable them, set the value to true.
- InfoPageNegativePathPattern
-
Contains a regular expression that can be used to match the URL of a negative response page. The detection of the negative page indicates that the user did not accept the information page. When this URL pattern is matched, the user cannot open the app.
Note: This option is ignored when AuthType is set to OAuth. - InfoPagePathPattern
-
Contains a regular expression that can be used to match the URL of the information page. The information page usually states the terms of using the website. Users must agree to the terms before they can proceed. When this URL pattern is matched, the user can open the app.
Note: This option is ignored when AuthType is set to OAuth. Because the login form will be shown in a webview for OAuth, the information displayed by this page should be shown as part of the authorization flow from the server. - InfoPagePositivePathPattern
- Contains a regular expression that can be used to match the URL of a positive response page. The detection of the positive page indicates that the user accepted the information page.
- LoginFormName
- Defines the login form name in the custom authentication form. Note: This option is ignored when AuthType is set to OAuth.
- LoginUrlContext
- Defines the login URL context for the custom authentication form. Note: This option is ignored when AuthType is set to OAuth.
- LoginErrorUrlContext
- Defines the error URL login context. Note: This option is ignored when AuthType is set to OAuth.
- OAuthAuthorizationURL
-
Fully qualified URL of the OAuth Authorization server authorize endpoint. For example:
https://oauthserver.example.com/op/authorize
This field must be specified when using an AuthType of OAuth.
- OAuthClientId
-
OAuth Client ID used by the Connections Mobile Server application. You must ensure that this client ID is registered with your OAuth Authorization Server. Some Authorization Servers may generate a new client ID for each new application type, and if so, replace the default value with the one registered at the authorization server.
Default value = connections_social_mobile
- OAuthScopes
-
If your OAuth Authorization server requires clients to use a custom scope, then provide the scope or scopes here that should be used by the Connections Mobile app. Separate multiple scopes using a space character. Note that OpenID scope offline_access is not required and not supported at this time.
Default value = <empty>
- OAuthTokenURL
Fully qualified URL of the OAuth Authorization server token endpoint. For example:
https://oauthserver.example.com/op/tokenThis field MUST be specified when using an AuthType of OAuth.
- PasswordFieldName
- Defines the password field name in the custom authentication form. Note: This option is ignored when AuthType is set to OAuth.
- RejectUntrustedCertificates
- When set to true, the app rejects any untrusted certificates that are presented to it and denies app access. The default value is false.
- UseridFieldName
- Defines the user field name in the custom authentication form. Note: This option is ignored when AuthType is set to OAuth.
- TermsOfUsageURL
- Specifies the address of a webpage that contains a Terms of
Usage statement for the Connections mobile app. The Connections
app displays the webpage during login and provides OK and Cancel links.
The user must confirm acceptance of the terms by tapping OK before
the login continues. If the user taps Cancel,
the login process is stopped and the app closes.
This setting provides a simple way for administrators to show a single Terms of Usage page that the user either accepts or rejects. If your Connections deployment requires a more sophisticated process, such as recording that the user accepted the agreement, use the InfoPagePathPattern setting.
Note: The webpage that is specified by this property is displayed before the user logs in. Therefore, do not specify a secure (https) page. - TermsOfUsagePromptAlways
- When set to true, the user is always shown terms of usage when they log
in to the app. The default value is true. Note: If RememberPassword is set to true, then terms of usage is shown when the user logs in for the first time, after the user logs out, or after the app is restarted. Terms of usage is not shown when the app automatically logs the user in due to the authentication token timing out.
If TermsOfUsagePromptAlways is set to false, the user only sees terms of usage the first time they log in to the app, or if the user logs in and the value of the TermsOfUsageURL has changed since the last time the user logged in. If you set TermsOfUsagePromptAlways to false, but you want to display terms of usage when its contents are updated, you must update a parameter on the URL each time you update the terms of usage contents. For example, set TermsOfUsageURL to http://mycompany.com/terms.html?v=1. If you update terms.html, you must change the value of TermsOfUsageURL to something else, such as http://mycompany.com/terms.html?v=2, so that the app displays terms of usage again.
App password policy properties
<AppPassword enabled="true|false">
<Type>Numeric|Alphabetic||Alphanumeric|Complex</Type>
<MinLength>nn</MinLength>
<MinLetters>nn</MinLetters>
<MinNumeric>nn</MinNumeric>
<MinNonLetters>nn</MinNonLetters>
<MinUpperCase>nn</MinUpperCase>
<MinLowerCase>nn</MinLowerCase>
<MinSymbols>nn</MinSymbols>
<Autolock>nn</Autolock>
<Expiration>nn</Expiration>
<History>nn</History>
<WipeFailures>nn</WipeFailures>
<AllowSequences>true|false</AllowSequences>
<AllowFingerprintAuthentication>true|false<AllowFingerprintAuthentication>
</AppPassword
>
- AppPassword enabled
- Enable or disable the app password policy by specifying a value of true or false. false is the default value.
- Type
- Required. Valid values include:
- Numeric
- Password can only contain numeric characters.
- Alphabetic
- Password can contain alphabetic characters and symbols but no numeric characters.
- Alphanumeric
- Password must contain at least one alphabetic character and one numeric character.
- Complex
- Password must contain at least one alphabetic character, one numeric character, and one special character.
- MinLength
- Optional. The minimum length requirement for the password. If Type is set to Numeric:
- On iOS, MinLength is set to 4.
- On Android, valid values for MinLength range from 4 to 8.
- MinLetters
- Optional. The minimum number of letters required for a complex password. This only applies to Complex password types. The default value is 1.
- MinNumeric
- Optional. The minimum number of numeric characters required for a complex password. This only applies to Complex password types. The default value is 1.
- MinNonLetters
- Optional. The minimum number of non-alphanumeric characters required for a complex password. This only applies to Complex password types. The default value is 1.
- MinUpperCase
- Optional. The minimum number of uppercase letters required for a complex password. This only applies to Complex password types. The default value is 0.
- MinLowerCase
- Optional. The minimum number of lowercase letters required for a complex password. This only applies to Complex password types. The default value is 0.
- MinSymbols
- Optional. The minimum number of symbols required for a complex password. This only applies to Complex password types. The default value is 1. A symbol is one of the following characters: ! ” # $ % & ’ ( ) * + , - . / : ; < = > ? @
- Autolock
- Optional. A timeout value, in minutes, that requires the user to re-enter their password if no activity has taken place for the time period that is defined in this property. The default value is 0 (no autolock).
- Expiration
- Optional. The number of days that a password can be used before the user is required to change it. The default value is 0 (no password expiration).
- History
- Optional. The number of unique passwords required before reuse of a password is allowed. The default value is 0 (no history maintained).
- WipeFailures
- Optional. The number of times a user can enter an incorrect password before all data for the app is removed from the device. The default value is 0 (no wipe).
- AllowSequences
- Optional. Indicates if the password can contain ascending, descending, or repeating characters. Valid values include true and false. If set to false, the password cannot contain any repeating characters or 3 or more ascending or descending characters. The default value is true.
- AllowFingerprintAuthentication
- Optional. When enabled, and if the device supports fingerprint recognition, users can unlock the HCL Connections™ app using their fingerprint without having to enter their HCL Connections™ app password. Valid values include true and false. The default value is false, which disables using fingerprint authentication.
- Type values from most secure to least secure:
- Complex
- Alphanumeric
- Alphabetic
- Numeric
- The largest MinLength setting takes effect.
- The smallest Autolock setting takes effect.
- The smallest Expiration setting takes effect.
- The largest History setting takes effect.
- The smallest WipeFailures setting takes effect.
- AllowSequences=false overrides AllowSequences=true.
- AllowFingerprintAuthentication=false overrides AllowFingerprintAuthentication=true.
MAMRequired properties
- enabled
- Enables the Mobile Server application Management requirement. To disable the requirement, set the value to false.
- MAMSignature
- The MAM Policy Signature which the app will validate against the MAM provider. For more information on using the MAM Required policy and how to generate the MAMSignature value see Configuring the Mobile Server application Management Required policy for Connecetions Mobile.
Extensibility properties
Use these properties to add new applications to the Home page. For information about how to apply these properties, see the Applying extensibility properties topic.
- name
- Specifies a unique name for the application.
- enabled
- Shows or hides the application in the Home page by specifying true or false. The default value is true.
- ApplicationIcon
- Specifies the icon images for each operating system and density. Images must be stored under the
shared_data_directory_root/customization/mobile/images directory. If
this directory structure does not already exist, you must create it. Copy your icons to the directory that is appropriate for each mobile operating system:
-
android/hdpi
- android/ldpi
- android/mdpi
-
android/xhdpi
- android/xxhdpi
- android/xxxhdpi
-
ios/reg
-
ios/retina
HPDI, MPDI, and LPDI correspond to high, medium, and low densities on Android. XHDPI, XXHDPI, and XXXHDPI describe extra-high density resolutions. Reg and Retina are the screen densities on iOS.
(iOS only) You can find the default icons for Regular and Retina at the following location: node/installedApps/cell/Mobile.ear/mobile.web.war/extensibilityIcons. For information about the specifications for icons, see the Extensibility Icons for iOS topic.
Use the following standard image sizes for iOS icons:- Reg: 24 pixels x 24 pixels 72 pixels per inch
- Retina: 48 pixels x 48 pixels 72 pixels per inch
-
- DefaultLocation
- Specifies the location of an image for the web client. This location is typically the shared_data_directory_root/customization/mobile/images directory. This image is used if you do not specify an image for any of the density fields.
- ApplicationLabel
- Specifies a label for the new application. The label is displayed on the Home page.
- ApplicationURL
- Specifies the web address of the application or the native app URI for the application. HCL Connections uses this URL to start the new application. You can use the token %userid% in the URL. The mobile app will substitute the current user's userid before opening the URL.
<Applications>
<Application name="ApplicationName" enabled="true">
<ApplicationIcon>
<Android>
<Hdpi>/images/ibmhdpi.jpg</Hdpi>
<Mdpi>/images/ibmmdpi.jpg</Mdpi>
<Ldpi>/images/ibmldpi.jpg</Ldpi>
</Android>
<IOS>
<Reg>reg</Reg>
<Retina>retina</Retina>
</IOS>
<DefaultLocation>/images/ibm50.jpg</DefaultLocation>
</ApplicationIcon>
<ApplicationLabel>HCL</ApplicationLabel>
<ApplicationURL>http://www.ibm.com</ApplicationURL></>
</Application>
</Applications>
<DefaultNavigationOrder>profiles,communities,files,filesync,wikis,activities,forums,blogs,bookmarks,Instant Messaging</DefaultNavigationOrder>
Touchpoint properties
- enabled
- Enable to provide mobile support for Touchpoint.
- positiveExitPattern
- Provide a positive exit pattern to determine the exit navigation that should occur when a user completes Touchpoint. If no entries are provided, the Mobile service will provide a default pattern, which is based upon Homepage and Orient Me enablement.
- negativeExitPattern
- Provide a negative exit pattern to determine the exit navigation that should occur when a user cancels Touchpoint. If no entries are provided, the Mobile service will provide the following pattern: /logout
<Touchpoint enabled="true">
<positiveExitPattern>/homepage|/social</positiveExitPattern>
<negativeExitPattern>/logout</negativeExitPattern>
</Touchpoint>
Generic properties
<!-- Generic Property Support -->
<properties>
<genericProperty name="createCommunityEnabled">true</genericProperty>
<genericProperty name="inviteGuestUIEnabled">true</genericProperty>
</properties>
- createCommunityEnabled
- Enable to provide mobile support for Community creation. To disable the support, set the value to false. The default setting is true.
- inviteGuestUIEnabled
-
Enable to provide mobile support for the Invite Guest UI. To disable the support, set the value to false. The default setting is true.