Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 2 Using the iProcess Engine Configuration Files : SWDIR\etc\staffpms

SWDIR\etc\staffpms
The staffpms file, which is located in the SWDIR\etc directory, specifies a number of different configuration options.
To modify the staffpms file:
1.
2.
3.
Specifying if Client Passwords are Required on Login
Character 4 of line 4 specifies whether or not iProcess users need to give their password to log into this TIBCO iProcess Engine node.
Y0NN5YNY??0AY
If this character is:
Y, iProcess users must supply their password when they log in to this TIBCO iProcess Engine node.
N, passwords are not required on login.
Enabling Multiple Logins
Character 13 of line 4 specifies whether or not multiple logins to this TIBCO iProcess Engine are enabled.
Y0NN5YNY??0AY
This character must be set to Y. Multiple logins must be enabled for iProcess Engine to operate.
Specifying the Working Week
By default, all date calculations in iProcess use a 5-day working week of Monday to Friday. However, if a procedure has the Use working days flag un-set, a 7-day working week is used instead for cases of that procedure.
Line 5 ends with a 7-character string that defines the working week. There is one character for each day of the week, running from Sunday (on the left) to Saturday (on the right). Y indicates that the day is a working day, N indicates that it is a non-working day. The default entry specifies a working week of Monday to Friday, as shown below.
%2d\%2d\%4d\/\%s%s %s, %s\dmy\wdmy\%2d:%2d\:\ AM\ PM\Week\NYYYYYN
You can edit this string to change the specification of the working week that iProcess uses when calculating dates (for procedures which have the Use working days flag set). For example, to specify a 5 day working week of Sunday to Thursday, with Friday and Saturday being non-working days, change line 5 to:
%2d\%2d\%4d\/\%s%s %s, %s\dmy\wdmy\%2d:%2d\:\ AM\ PM\Week\YYYYYNN
To specify a six day working week of Monday to Saturday, with Sunday being a non-working day, change line 5 to read:
%2d\%2d\%4d\/\%s%s %s, %s\dmy\wdmy\%2d:%2d\:\ AM\ PM\Week\NYYYYYY
Changing the Date Format Using the staffpms File
Line 5 of the staffpms file determines how the date is displayed in iProcess Engine. (The following example is for a iProcess Engine for Windows).
%2d/%2d/%4d\/\%s%s %s, %s\dmy\wdmy\%2d:%2d\:\ AM\ PM\Week\NYYYYYN
Individual entries are separated by a backslash character (\). The following table describes the meaning of each entry.
Changing the Order of the Date Format
To change the format, for example, to yyyy/mm/dd:
1.
2.
%4d/%2d/%2d\/\%s%s %s, %s\ymd\wdmy\%2d:%2d\:\ AM\ PM\Week\NYYYYYN
Changing the Date Delimiter
To change the date delimiter, for example to a hyphen character, amend the number of characters (position 1) and date delimiter (position 2) entries as shown.
%2d-%2d-%4d\-\%s%s %s, %s\dmy\wdmy\%2d:%2d\:\ AM\ PM\Week\NYYYYYN
Setting Database Connection Options
Line 9 contains the settings that iProcess Engine uses to connect to the database. (The following example is for a TIBCO iProcess Engine for Windows).
3\swpro\swuser\swpro\\sw-servers\0
 
Individual entries are separated by a backslash character (\). The following table describes the meaning of each entry.
This field must always be 3 for a database version.
Note: This login/account must be the same login/account as the iProcess Engine database schema owner (specified in position 4).
Note: This entry is only used if iProcess Engine uses an Oracle database.
Note: This entry is not used if iProcess Engine uses an Oracle database.
Changing Database Connection Passwords
If you need to change the passwords that the iProcess Engine database schema owner or iProcess Engine database user use to connect to the database, follow this procedure:
1.
2.
3.
   SWDIR\util\swconfig -u
The following prompt is displayed:

 
=================================================================
 
TIBCO(R) iProcess Suite - Configuration Utility
 
Copyright (c) 2001-2012, TIBCO Software Inc.
 
=================================================================
Please enter a new Background User Password, ('Q' to quit)

 
4.
Enter the new password for a iProcess Engine database schema owner (the login/account defined in position 4 of line 9 of the staffpms file).
The following prompt is displayed.
   Please enter a new Foreground User Password, ('Q' to quit) :
5.
Enter the new password for a iProcess Engine database user (the login/account defined in position 3 of line 9 of the staffpms file).
The swconfig utility terminates and displays the following message.
   Now log onto the Database and change the passwords
6.
7.
Controlling Access to the iProcess Engine (for UNIX)
Line 12 contains three settings (at the end of the line) that control access to iProcess Engine.
1\GROUPNAME\0\666\swuser\staffwar\7
 
Individual entries are separated by a backslash character (\). The following table describes the meaning of each entry.
The iProcess security umask value, which controls “world” access to iProcess files in and under SWDIR. “World” permissions on each file installed by or created by the iProcess Suite are set to the iProcess group name permissions for the file, modified by this umask value. For example, if this value is:
7 for high security. “World” has no access to iProcess files in and under SWDIR. This is the default.
0 for low security. “World” has the same access to each file in and under SWDIR as the staffwar group.
 
To change the iProcess RPC Server account name, iProcess group name, or iProcess security umask value at any time after installation, do the following:
1.
2.
3.
4.
Run fixperms,which is located in the SWDIR\bin directory, to reset the ownership and permissions information on all files in and under SWDIR.
5.
The implications of these security values in staffpms are:
All iProcess processes run with the UID of an iProcess Engine background user, even if the process is started by root. The only exceptions are the runcmd utility, which is located in the SWDIR\util directory, and the RPC_UDP_LI process, which run as root.
All iProcess files and directories (that is, all files in and under SWDIR) are owned by either root or the iProcess Engine background user. Their group ID is set to the iProcess group (staffwar).
Specifying How iProcess Validates Users
Lines 15 and 16 of the staffpms file define whether and how iProcess uses the integral User Validation API provided with the LDAPCONF utility.
Specifying an External User Validation Package
Line 15 defines whether the iProcess Suite validates users against O/S user accounts (the default), or against an external validation package developed using the TIBCO iProcess User Validation API.
This line is optional. If you are using the default method of validating users against O/S accounts, line 15 should be blank.
If you want to validate users against an external validation package, line 15 must contain the full pathname of the user validation package (a DLL file on Windows, a shared library on UNIX). Note that:
Variables such as SWDIR are not supported in this parameter.
The following example (for a iProcess Engine for Windows) specifies that user validation will be performed against the swuvamod.dll file in the D:/iProcess/staff200/lib directory.
d:/iProcess/staff200/lib/swuvamod.dll
The following example specifies that user validation will be performed against the UVAPI.dll file in the C:/Tibco/iprocess_nod1/util directory, and that the proxy users are supplied by swadmin.
C:/Tibco/iprocess_nod1/util/UVAPI.dll\N\swadmin\\\
For more information about how to:
Develop an external validation package, see TIBCO iProcess User Validation API User's Guide.
Specifying a Proxy User
Line 16 defines which proxy operating system user ID is used by the LDAP integral user validation API.
This line is optional. If you are not using the LDAP integral user validation API, line 16 should be blank.
Configuring Signals That Threads are Blocked From Receiving
Line 17 allows you to specify threads to be blocked from receiving signals.
For example, to add blocking for the SIGALRM (14) signal the last few lines of the file will look like this:
QPARAM1\QPARAM2\QPARAM3\QPARAM4\CP_V...
<blank line - unless UVAPI is configured>
<blank line>
14
If you wish to add more signals to the list they will need to be separated by the '\' character:
QPARAM1\QPARAM2\QPARAM3\QPARAM4\CP_V...
<blank line - unless UVAPI is configured>
<blank line>
14\13\12\\
If the line is blank or there are no signal IDs set then the default behaviour is not to block the threads from receiving signals.
Configuring Log Files Directory
To make the log files directory configurable, specify the directory in line 19.
To configure the log files directory:
1.
2.
3.
4.
Open the staffpms file located in the SWDIR\etc directory. Then copy the absolute directory of the folder you created in step 3 to line 19 of the file.
5.
If line 19 is blank, then iProcess Engine will use the SWDIR\logs directory as the default log files directory.

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved