Configuring the SAS Stored Process Web Application

Configuration Files

The SAS Stored Process Web Application can be customized for your site through various configuration files and servlet initialization parameters. The following table describes the external files that are read by the SAS Stored Process Web Application.

Configuration Files

File	Description
application_config.xml	Contains user information for the SAS Metadata Repository and is delivered in the sas.storedprocess.war file.
banner.jsp	Is used to generate the top banner in the SAS Stored Process Web Application pages. This file is located in the `/SASStoredProcess/jsp` directory and can be altered or replaced if you want to customize the banner.
Params.config	Contains stored process input parameters that are set before any client parameters are processed. The parameters are defined in the form `name=value` on a separate line with a '#' character in column one to indicate a comment. Continuation lines can be specified with a '\' character at the end of a line. For more information about properties that can be substituted into input parameters in the Params.config file, see Web Application Properties. Parameters defined in the Params.config file cannot be overridden.
Resources.properties	Contains name/value pairs for locale-defined output strings. This file is delivered in the sas.storedprocess.webapp.jar file and is usually not altered.
search.jsp	Is used to search the SAS Stored Process Web Application for stored processes and stored process reports.
web.xml	Contains servlet mappings and initialization parameters. This file is the Web application configuration file and is delivered in the sas.storedprocess.war file.
Welcome.jsp	Specifies an optional page that displays when the SAS Stored Process Web Application is invoked with no parameters.

The SAS Stored Process Web Application session contains values that might be useful to a JSP (including custom input forms) that is installed in the SAS Stored Process Web Application directory tree. These values are obtained using the following method:

session.getAttribute("parameter_name")

For parameter-name, specify one of the following parameters:

Banner_Locale	returns the current user locale.
Banner_LogoffURL	returns current URL that is used for logging out.
Banner_Theme	returns the current theme.
Banner_TimeoutURL	returns the current URL that is used for time-outs.
Banner_Title	returns the current banner title.
sas.framework.user.name	returns the login user name (for example, `SAS Demo User`).
sas.framework.userid	returns the login user ID (for example, `sasdemo`).
saspfs_sessionid	returns the security session ID.
SASStoredProcessURI	returns the servlet URI (for example, `/SASStoredProcess/do`).
sp_counter	returns the number of times the HTTP session has been accessed.
sp_sessionContext	returns the local SessionContextInterface. Use sp_sessionContext.getUserContext() to get the current UserContextInterface.

Custom Responses

You can also customize responses for the SAS Stored Process Web Application by using the JSP files that are described in the following table. The JSP files are stored in the /SASStoredProcess/jsp/response/ directory, and the Web application forwards to the corresponding file.

Custom Responses

File	Description
Background.jsp	Specifies a page that displays when a stored process has been submitted for background processing.
FailedLogin.jsp	Specifies a page that displays when a bad user name or password is entered for /do1 login types.
InvalidSession.jsp	Specifies a page that displays when an invalid or expired session ID is sent. This file is used only with _REPLAY sessions.
Logoff.jsp	Specifies a page that displays when a successful logoff is completed for /do1 login types.

Initialization Parameters

The following table describes the initialization parameters that are available to the SAS Stored Process Web Application. Initialization parameters are values that are set when the SAS Stored Process Web Application is started. These parameters control various Web Application processing options. Initialization parameters are defined in the SAS Stored Process Web Application configuration metadata. Values can be added or changed in SAS Management Console. On the SAS Management Console Plug-ins tab, click Application Management. Open Configuration Manager, right-click Stored Process Web App 9.3, and select Properties. Select the Advanced tab, and add or edit the initialization parameters.

Note: The Web server and Remote Services must be restarted for parameter changes to take effect.

Initialization Parameters

Initialization Parameter	Description
ActionMask	Specifies the _ACTION values that users can set. The default is to allow all keywords. Valid names can be specified as a comma-separated list.
AllowEncodedPassword	Allows encoded passwords to be passed in via the _password parameter if the AllowEncodedPassword parameter is set to `true`.
AllowGuest	Enables a user to run stored processes without logging in if this parameter is set to `true`.
App.PublicIdAllowed	Allows public IDs in the SAS Stored Process Web Application if this parameter is set to `true`.
BannerRows	Specifies the number of rows sent in the tag for the banner frame. (For _ACTION=INDEX, three HTML frames are created with the top frame being the banner frame.) By default, the size of the banner frame is dynamically adjusted to the size of the displayed banner.
Debug	Specifies default _DEBUG values.
DebugMask	Specifies the _DEBUG values that users can set. The default is to allow all keywords. Valid names can be specified as a comma-separated list.
GuestUsername	Specifies the user name to use when accessing the SAS Stored Process Web Application as /guest.
GuestPassword	Specifies the password to use when accessing the SAS Stored Process Web Application as /guest.
ParamsFile	Specifies the file that contains the preset input parameters. This value is a fully expanded file specification. The default preset filename is Params.config in the SAS Stored Process Web Application root context directory.
SessionTimeout	Specifies the number of minutes that elapse before a servlet session expires. The default session time-out varies by Application Server (typically 30-60 minutes). After the session expires, the user is required to log on again. Any data that was entered on the prompt page needs to be reentered.
ShowLogButton	Disables the Show SAS log button from being displayed on program errors (if this parameter is set to `false`).
UploadDirectory	Specifies a temporary directory for caching files when the file size exceeds 32768 bytes. The default directory is `java.io.tmpdir`.
UploadMaxSize	Specifies the maximum file size in bytes that can be uploaded.
ValidatePromptValues	Forces constraint checking, static list validation, or dynamic list validation on a stored process, if the ValidatePromptValues parameter is set to `true`. By default, this parameter is set to `false`.
WelcomePage	Specifies a page to display if no parameters are entered in the URL. If the value that you specify starts with a slash (/), then the Welcome page is relative to the Web application root context (for example, `/jsp/Welcome.jsp`) and the Web browser is forwarded to that page. Otherwise, a redirect command is sent to the Web browser for the specified page. The SAS Stored Process Web Application uses the following sequence to determine what is displayed when the user logs in: Use the value for _WELCOME, if this value has been set. Use the value of the WelcomePage initialization parameter, if this value has been set. Check for a Welcome.jsp file in the /jsp directory. Display the SAS Stored Process Web Application version and build number.

Web Application Properties

Various reserved values, or properties, are available to be passed as input parameters to stored processes that are executed by the SAS Stored Process Web Application. To pass a property to every stored process that is executed by the SAS Stored Process Web Application, add a line of the form name=$reserved_name to the Params.config file. For example, to add request cookie information as an input parameter, add the following line to Params.config:

_HTCOOK=$servlet.cookies

The input parameter _HTCOOK is created, and it contains the HTTP header cookie data. The _HTCOOK parameter is added to the input parameters for the stored process.

Fixed data values can also be passed by using the form name=string. For example, the following line sets the parameter MYPARM to the fixed string Hello:

MYPARM=Hello

Note: Any unresolved values can result in the corresponding parameter being set to a zero-length string.

Properties for Web Applications

Reserved Name	Recommended SAS Variable Name	Description
servlet.auth.type	_AUTHTYP	Specifies the name of the authentication scheme that is used to protect the SAS Stored Process Web Application (for example, BASIC or SSL, or null if the SAS Stored Process Web Application was not protected).
servlet.character.encoding		Specifies the name of the character encoding that is used in the body of the request.
servlet.content.length		Specifies the length, in bytes, of the request body and is made available by the data source. If the length is not known, the value is –1.
servlet.content.type		Specifies the MIME type of the body of the request. If the type is not known, the value is null.
servlet.context.path		Specifies the portion of the request URL that indicates the context of the request.
servlet.cookies	_HTCOOK	Specifies all of the cookie strings that the client sent with this request.
servlet.header		Specifies the HTTP request header as it was received by the SAS Stored Process Web Application.
servlet.header.accept	_HTACPT	Specifies the MIME types that are accepted by the stored process client.
servlet.header.referer	_HTREFER	Specifies the address of the referring page.
servlet.header.user-agent	_HTUA	Specifies the name of the user agent.
servlet.header.<name>		Specifies a particular HTTP request header line as it was received by the SAS Stored Process Web Application, where <name> is the header keyword name.
servlet.info		Specifies any information about the SAS Stored Process Web Application, such as author, version, and copyright.
servlet.jsessionid		Specifies the Java servlet session ID.
servlet.locale		Specifies the preferred locale in which the client accepts content, based on the Accept-Language header.
servlet.method	_REQMETH	Specifies the name of the HTTP method with which this request was made (for example, GET, POST, or PUT).
servlet.name		Specifies the name of this SAS Stored Process Web Application instance.
servlet.path		Specifies the part of the request URL that calls the SAS Stored Process Web Application.
servlet.path.info		Specifies any extra path information that is associated with the URL that the client sent when it made this request.
servlet.path.translated		Specifies any extra path information after the SAS Stored Process Web Application name but before the query string, and translates this information to a real path.
servlet.protocol	_SRVPROT	Specifies the name and version of the protocol that the request uses in the form protocol/majorVersion.minorVersion (for example, HTTP/1.1).
servlet.query.string	_QRYSTR	Specifies the query string that is contained in the request URL after the path.
servlet.remote.addr	_RMTADDR	Specifies the Internet Protocol (IP) address of the client that sent the request.
servlet.remote.host	_RMTHOST	Specifies the fully qualified name of the client that sent the request, or specifies the IP address of the client if the name cannot be determined.
servlet.remote.user	_RMTUSER	Specifies the login ID of the user that is making this request if the user has been authenticated. If the user has not been authenticated, the value is null.
servlet.request.uri	_URL	Specifies the part of this request's URL from the protocol name up to the query string in the first line of the HTTP request.
servlet.root		Specifies the SAS Stored Process Web Application root context directory.
servlet.scheme		Specifies the name of the scheme that was used to make this request (for example, HTTP, HTTPS, or FTP).
servlet.secure		Returns `true` or `false` indicating whether this request was made using a secure channel, such as HTTPS.
servlet.server.name	_SRVNAME	Specifies the host name of the server that received the request.
servlet.server.port	_SRVPORT	Specifies the port number on which this request was received.
servlet.server.software	_SRVSOFT	Specifies the Web server software.
servlet.user.name	_username	Specifies the value for the user name that was obtained from the Web browser authentication. The symbol _username is set automatically by the SAS server.
servlet.version	_VERSION	Specifies the SAS Stored Process Web Application version and build number.

Numerous system properties (for example, user.name) can be obtained. Setting _DEBUG to ENV shows all the available values.