Sets the default superuser ID. By default the superuser ID is okmAdmin.

By default, when a user creates a node, they are added to the node with full permissions. You can disable this behavior by setting this parameter to false. By default, the parameter is set to true.

Indicates the number of days to force users to change their password. A value of 0 indicates the feature is disabled.

Sometimes the user loses or forgets their password. When this option is enabled, users on the landing page have the option to reset their password and be notified with a new one by email. By default this option is set to false.

system.antivir

String

Path to the antivirus.

security.access.manager

String

Sets the security access manager that determines how security is evaluated. Default value is "simple".

Values:

• simple.
• recursive.
• read_recursive.

 Take a look at Security configuration

security.search.evaluation

String

Sets the security search manager and determines how security is evaluated by the search engine.

Values:

• lucene.
• am_more, am_window or am_limited.

 Take a look at Security configuration

security.extended.mask

Integer

Security evaluation can be extended to downloaded files, starting workflows, adding, removing or modifying property groups (metadata), or compacting history. The default value is empty.

Values:

• DOWNLOAD = 1024;
• START_WORKFLOW = 2048;
• COMPACT_HISTORY = 4096;
• PROPERTY_GROUP = 8192;

For example, to enable download and property groups, set the mask to 9216 (1024+8192).

 Take a look at Security configuration

security.live.change.node.limit

Integer

When security changes affect more than the value set in this property, the security changes are applied as a background task.

 Take a look at Security configuration

system.login.lowercase

Boolean

By default it is empty. If connecting to AD (Microsoft Active Directory), it must be set to "true", which forces all users to log in with lowercase user IDs. The reason is OpenKM is case-sensitive and Microsoft Active Directory is not.

principal.adapter

String

OpenKM can handle user access using the Spring Security framework. OpenKM needs an available method for reading users and roles, so when users are stored in a database (as is the default), the class DatabasePrincipalAdapter does this job.

If you configure OpenKM to authenticate against an LDAP server, you need to configure another principal adapter like LdapPrincipalAdapter.

principal.identifier.validation

String

Sets a regular expression to validate user names and role names on creation.

Sample regular expression for Arabic:

browser.password.autocompletion

Boolean

By default it is true (allowed autocompletion). This parameter allows disabling password autocompletion in the login frame. This is a security measure on untrusted clients.

default.security.recursive.role

String

Set the role that is used to identify which users are able to set recursive security.

secure.file.delete

Boolean

Enables safe file deletion from the file system. The process ensures the document can be recovered later from the file system.

security.login.failed.attempts

Integer

Number of failed login attempts before the user is locked. A value of 0 indicates unlimited failed attempts and the user will never be locked.

default.task.manager.admin.role

String

Set the role that is used to identify which users can manage all OpenKM tasks.

default.version.admin.role

String

Set the role that is used to identify users who can change the version of a node.

default.user.hidden.role

String

Set the role that is used to identify users hidden in the user list.