Configuring the SAS Stored Process Web Application

Configuration Files

The SAS Stored Process Web Application can be customized for your site through various configuration files and servlet initialization parameters. The following table describes the external files that are read by the SAS Stored Process Web Application.
Configuration Files
File
Description
application_config.xml
Contains user information for the SAS Metadata Repository and is delivered in the sas.storedprocess.war file.
banner.jsp
Is used to generate the top banner in the SAS Stored Process Web Application pages. This file is located in the /SASStoredProcess/jsp directory and can be altered or replaced if you want to customize the banner.
Params.config
Contains stored process input parameters that are set before any client parameters are processed. The parameters are defined in the form name=value on a separate line with a '#' character in column one to indicate a comment. Continuation lines can be specified with a '\' character at the end of a line. For more information about properties that can be substituted into input parameters in the Params.config file, see Web Application Properties. Parameters defined in the Params.config file cannot be overridden.
Resources.properties
Contains name/value pairs for locale-defined output strings. This file is delivered in the sas.storedprocess.webapp.jar file and is usually not altered.
search.jsp
Is used to search the SAS Stored Process Web Application for stored processes and stored process reports.
web.xml
Contains servlet mappings and initialization parameters. This file is the Web application configuration file and is delivered in the sas.storedprocess.war file.
Welcome.jsp
Specifies an optional page that displays when the SAS Stored Process Web Application is invoked with no parameters.
The SAS Stored Process Web Application session contains values that might be useful to a JSP (including custom input forms) that is installed in the SAS Stored Process Web Application directory tree. These values are obtained using the following method:
session.getAttribute("parameter_name")
For parameter-name, specify one of the following parameters:
Banner_Locale returns the current user locale.
Banner_LogoffURL returns current URL that is used for logging out.
Banner_Theme returns the current theme.
Banner_TimeoutURL returns the current URL that is used for time-outs.
Banner_Title returns the current banner title.
sas.framework.user.name returns the login user name (for example, SAS Demo User).
sas.framework.userid returns the login user ID (for example, sasdemo).
saspfs_sessionid returns the security session ID.
SASStoredProcessURI returns the servlet URI (for example, /SASStoredProcess/do).
sp_counter returns the number of times the HTTP session has been accessed.
sp_sessionContext returns the local SessionContextInterface. Use sp_sessionContext.getUserContext() to get the current UserContextInterface.

Custom Responses

You can also customize responses for the SAS Stored Process Web Application by using the JSP files that are described in the following table. The JSP files are stored in the /SASStoredProcess/jsp/response/ directory, and the Web application forwards to the corresponding file.
Custom Responses
File
Description
Background.jsp
Specifies a page that displays when a stored process has been submitted for background processing.
FailedLogin.jsp
Specifies a page that displays when a bad user name or password is entered for /do1 login types.
InvalidSession.jsp
Specifies a page that displays when an invalid or expired session ID is sent. This file is used only with _REPLAY sessions.
Logoff.jsp
Specifies a page that displays when a successful logoff is completed for /do1 login types.

Initialization Parameters

The following table describes the initialization parameters that are available to the SAS Stored Process Web Application. Initialization parameters are values that are set when the SAS Stored Process Web Application is started. These parameters control various Web Application processing options. Initialization parameters are defined in the SAS Stored Process Web Application configuration metadata. Values can be added or changed in SAS Management Console. On the SAS Management Console Plug-ins tab, click Application Management. Open Configuration Manager, right-click Stored Process Web App 9.3, and select Properties. Select the Advanced tab, and add or edit the initialization parameters.
Note: The Web server and Remote Services must be restarted for parameter changes to take effect.
Initialization Parameters
Initialization Parameter
Description
ActionMask
Specifies the _ACTION values that users can set. The default is to allow all keywords. Valid names can be specified as a comma-separated list.
AllowEncodedPassword
Allows encoded passwords to be passed in via the _password parameter if the AllowEncodedPassword parameter is set to true.
AllowGuest
Enables a user to run stored processes without logging in if this parameter is set to true.
App.PublicIdAllowed
Allows public IDs in the SAS Stored Process Web Application if this parameter is set to true.
BannerRows
Specifies the number of rows sent in the tag for the banner frame. (For _ACTION=INDEX, three HTML frames are created with the top frame being the banner frame.) By default, the size of the banner frame is dynamically adjusted to the size of the displayed banner.
Debug
Specifies default _DEBUG values.
DebugMask
Specifies the _DEBUG values that users can set. The default is to allow all keywords. Valid names can be specified as a comma-separated list.
GuestUsername
Specifies the user name to use when accessing the SAS Stored Process Web Application as /guest.
GuestPassword
Specifies the password to use when accessing the SAS Stored Process Web Application as /guest.
ParamsFile
Specifies the file that contains the preset input parameters. This value is a fully expanded file specification. The default preset filename is Params.config in the SAS Stored Process Web Application root context directory.
SessionTimeout
Specifies the number of minutes that elapse before a servlet session expires. The default session time-out varies by Application Server (typically 30-60 minutes). After the session expires, the user is required to log on again. Any data that was entered on the prompt page needs to be reentered.
ShowLogButton
Disables the Show SAS log button from being displayed on program errors (if this parameter is set to false).
UploadDirectory
Specifies a temporary directory for caching files when the file size exceeds 32768 bytes. The default directory is java.io.tmpdir.
UploadMaxSize
Specifies the maximum file size in bytes that can be uploaded.
ValidatePromptValues
Forces constraint checking, static list validation, or dynamic list validation on a stored process, if the ValidatePromptValues parameter is set to true. By default, this parameter is set to false.
WelcomePage
Specifies a page to display if no parameters are entered in the URL. If the value that you specify starts with a slash (/), then the Welcome page is relative to the Web application root context (for example, /jsp/Welcome.jsp) and the Web browser is forwarded to that page. Otherwise, a redirect command is sent to the Web browser for the specified page.
The SAS Stored Process Web Application uses the following sequence to determine what is displayed when the user logs in:
  1. Use the value for _WELCOME, if this value has been set.
  2. Use the value of the WelcomePage initialization parameter, if this value has been set.
  3. Check for a Welcome.jsp file in the /jsp directory.
  4. Display the SAS Stored Process Web Application version and build number.

Web Application Properties

Various reserved values, or properties, are available to be passed as input parameters to stored processes that are executed by the SAS Stored Process Web Application. To pass a property to every stored process that is executed by the SAS Stored Process Web Application, add a line of the form name=$reserved_name to the Params.config file. For example, to add request cookie information as an input parameter, add the following line to Params.config:
_HTCOOK=$servlet.cookies
The input parameter _HTCOOK is created, and it contains the HTTP header cookie data. The _HTCOOK parameter is added to the input parameters for the stored process.
Fixed data values can also be passed by using the form name=string. For example, the following line sets the parameter MYPARM to the fixed string Hello:
MYPARM=Hello
Note: Any unresolved values can result in the corresponding parameter being set to a zero-length string.
Properties for Web Applications
Reserved Name
Recommended SAS Variable Name
Description
servlet.auth.type
_AUTHTYP
Specifies the name of the authentication scheme that is used to protect the SAS Stored Process Web Application (for example, BASIC or SSL, or null if the SAS Stored Process Web Application was not protected).
servlet.character.encoding
 
Specifies the name of the character encoding that is used in the body of the request.
servlet.content.length
 
Specifies the length, in bytes, of the request body and is made available by the data source. If the length is not known, the value is –1.
servlet.content.type
 
Specifies the MIME type of the body of the request. If the type is not known, the value is null.
servlet.context.path
 
Specifies the portion of the request URL that indicates the context of the request.
servlet.cookies
_HTCOOK
Specifies all of the cookie strings that the client sent with this request.
servlet.header
 
Specifies the HTTP request header as it was received by the SAS Stored Process Web Application.
servlet.header.accept
_HTACPT
Specifies the MIME types that are accepted by the stored process client.
servlet.header.referer
_HTREFER
Specifies the address of the referring page.
servlet.header.user-agent
_HTUA
Specifies the name of the user agent.
servlet.header.<name>
 
Specifies a particular HTTP request header line as it was received by the SAS Stored Process Web Application, where <name> is the header keyword name.
servlet.info
 
Specifies any information about the SAS Stored Process Web Application, such as author, version, and copyright.
servlet.jsessionid
 
Specifies the Java servlet session ID.
servlet.locale
 
Specifies the preferred locale in which the client accepts content, based on the Accept-Language header.
servlet.method
_REQMETH
Specifies the name of the HTTP method with which this request was made (for example, GET, POST, or PUT).
servlet.name
 
Specifies the name of this SAS Stored Process Web Application instance.
servlet.path
 
Specifies the part of the request URL that calls the SAS Stored Process Web Application.
servlet.path.info
 
Specifies any extra path information that is associated with the URL that the client sent when it made this request.
servlet.path.translated
 
Specifies any extra path information after the SAS Stored Process Web Application name but before the query string, and translates this information to a real path.
servlet.protocol
_SRVPROT
Specifies the name and version of the protocol that the request uses in the form protocol/majorVersion.minorVersion (for example, HTTP/1.1).
servlet.query.string
_QRYSTR
Specifies the query string that is contained in the request URL after the path.
servlet.remote.addr
_RMTADDR
Specifies the Internet Protocol (IP) address of the client that sent the request.
servlet.remote.host
_RMTHOST
Specifies the fully qualified name of the client that sent the request, or specifies the IP address of the client if the name cannot be determined.
servlet.remote.user
_RMTUSER
Specifies the login ID of the user that is making this request if the user has been authenticated. If the user has not been authenticated, the value is null.
servlet.request.uri
_URL
Specifies the part of this request's URL from the protocol name up to the query string in the first line of the HTTP request.
servlet.root
 
Specifies the SAS Stored Process Web Application root context directory.
servlet.scheme
 
Specifies the name of the scheme that was used to make this request (for example, HTTP, HTTPS, or FTP).
servlet.secure
 
Returns true or false indicating whether this request was made using a secure channel, such as HTTPS.
servlet.server.name
_SRVNAME
Specifies the host name of the server that received the request.
servlet.server.port
_SRVPORT
Specifies the port number on which this request was received.
servlet.server.software
_SRVSOFT
Specifies the Web server software.
servlet.user.name
_username
Specifies the value for the user name that was obtained from the Web browser authentication. The symbol _username is set automatically by the SAS server.
servlet.version
_VERSION
Specifies the SAS Stored Process Web Application version and build number.
Numerous system properties (for example, user.name) can be obtained. Setting _DEBUG to ENV shows all the available values.