Use the no-argument getConnection call

If a client runs outside the WAS process and does not pass the user and password on the getConnection call, define a text file on each system where the client runs. The text file's name is defined by the system property WAS_AuthDataFile and has records of the form:

alias1,user1,pw1

For each unique component managed authentication alias defined on a connection factory or data source and used by the remote client, define the alias and corresponding user and password to match the definition of the alias in WAS.

Use the EncAuthDataFile script to encode the password data stored in the file.

Product

The EncAuthDataFile script is available in WAS and WAS Network Deployment.

Authority

To run the EncAuthDataFile script, your user profile must have *ALLOBJ authority.

Syntax

The syntax of the EncAuthDataFile script is:

EncAuthDataFile input_file output_file

Parameters

The parameters of the EncAuthDataFile script are:

• input_file
  This is a required parameter. The value input_file specifies the fully qualified name of the authentication data file that the script reads.

• output_file
  This is a required parameter. The value output_file specifies the fully qualified name of the authentication data file to which the script writes the encoded data.

To create the remote client text file:

1. Enter the following command on an OS/400 command line to start Qshell:

   STRQSH

2. Create an empty text file in codepage 819. Enter the following command on the Qshell command line:

   touch -C 819 /home/user/client0.txt

   where client0.txt is not an existing file.

3. Use a text editor to add a line to the file for each alias you want to use (in the format Alias, Username, Password).

   For example, from an OS/400 command line, enter the following command:

   EDTF '/home/user/client0.txt'

   Enter the text desired, and save the file.

4. To encode the password, run the EncAuthDataFile script on the Qshell command line:

   /QIBM/ProdData/WebAS5/Base/bin/EncAuthDataFile  /home/user/client0.txt 
   /home/user/client1.txt 

   Make sure the file names are fully qualified. In the above example, the file client1.txt has an alias, user, and password that is now similar to the following:

   alias1,user1,{xor}Lyhu

   Note: If client1.txt already exists, it must be in codepage 819. The contents of client1.txt will be overwtitten.

5. Run the launchClient script to specify the location of the text file in the JVM client's system property WAS_AuthDataFile. Enter the following command on the Qshell command line:

   /QIBM/ProdData/WebAS5/Base/bin/launchClient myApp.ear 
   -CCDWAS_AuthDataFile=/home/user/client1.txt

   where /home/user/client1 is the fully-qualified path name of the file.

   For more information on the launchClient script, see The launchClient script.