Use the PropFilePasswordEncoder utility to encode your passwords in the files. WebSphere Application Server does not provide a utility for decoding the passwords.
About this task WebSphere Application Server contains several encoded passwords that are not encrypted. WebSphere Application Server provides the PropFilePasswordEncoder utility, which you can use to encode these passwords. However, the utility does not encode passwords that are contained within XML or XMI files. Instead, WebSphere Application Server automatically encodes the passwords in the following XML or XMI files.
File name | Additional information |
---|---|
profile_root/config/cells/cell_name/security.xml | The following fields contain encoded passwords:
|
war/WEB-INF/ibm_web_bnd.xml | The passwords for the default basic authentication for the resource-ref bindings within all the descriptors, except in the Java cryptography architecture |
ejb jar/META-INF/ibm_ejbjar_bnd.xml | The passwords for the default basic authentication for the resource-ref bindings within all the descriptors, except in the Java cryptography architecture |
client jar/META-INF/ibm-appclient_bnd.xml | The passwords for the default basic authentication for the resource-ref bindings within all the descriptors, except in the Java cryptography architecture |
ear/META-INF/ibm_application_bnd.xml | The passwords for the default basic authentication for the run as bindings within all the descriptors |
profile_root/config/cells/cell_name /nodes/node/servers/ server_name/security.xml | The following fields contain encoded passwords:
|
profile_root/config/cells/cell_name /nodes/node/servers/ server_name/resources.xml | The following fields contain encoded passwords:
|
profile_root/config/cells/cell_name/ws-security.xml | |
ibm-webservices-bnd.xmi | |
ibm-webservicesclient-bnd.xmi |
You can use the PropFilePasswordEncoder utility to encode the passwords that are located in the following files.
File name | Additional information |
---|---|
app_server_root /properties/sas.client.props | The passwords for the following files:
|
app_server_root /properties/soap.client.props | Specifies passwords for:
|
app_server_root /properties/sas.tools.properties | Specifies passwords for:
|
app_server_root /properties/sas.stdclient.properties | Specifies passwords for:
|
app_server_root /properties/wsserver.key |
If you are encoding the SAS properties files again, type: PropFilePasswordEncoder "file_name" -sas and the PropFilePasswordEncoder file encodes the known SAS properties.
If you are encoding files that are not SAS properties files, type PropFilePasswordEncoder "file_name" password_properties_list
where:
"file_name" is the name of the z/SAS properties file, and password_properties_list is the name of the properties to encode within the file.
Note: Only the password should be encoded in this file using the PropFilePasswordEncoder tool.
Use the PropFilePasswordEncoder utility to encode WebSphere Application Server password files only. The utility cannot encode passwords that are contained in XML files or other files that contain open and close tags.