Use the no-argument getConnection call
If a client runs outside the WAS process and does not pass the user and password on the getConnection call, define a text file on each system where the client runs. The text file's name is defined by the system property WAS_AuthDataFile and has records of the form:
alias1,user1,pw1For each unique component managed authentication alias defined on a connection factory or data source and used by the remote client, define the alias and corresponding user and password to match the definition of the alias in WAS.
Use the EncAuthDataFile script to encode the password data stored in the file.
Product
The EncAuthDataFile script is available in WAS and WAS Network Deployment.
Authority
To run the EncAuthDataFile script, your user profile must have *ALLOBJ authority.
Syntax
The syntax of the EncAuthDataFile script is:
EncAuthDataFile input_file output_fileParameters
The parameters of the EncAuthDataFile script are:
input_file
This is a required parameter. The value input_file specifies the fully qualified name of the authentication data file that the script reads.output_file
This is a required parameter. The value output_file specifies the fully qualified name of the authentication data file to which the script writes the encoded data.
To create the remote client text file:
Enter the following command on an OS/400 command line to start Qshell:
STRQSHCreate an empty text file in codepage 819. Enter the following command on the Qshell command line:
touch -C 819 /home/user/client0.txtwhere client0.txt is not an existing file.
Use a text editor to add a line to the file for each alias you want to use (in the format Alias, Username, Password).
For example, from an OS/400 command line, enter the following command:
EDTF '/home/user/client0.txt'Enter the text desired, and save the file.
To encode the password, run the EncAuthDataFile script on the Qshell command line:
/QIBM/ProdData/WebAS5/Base/bin/EncAuthDataFile /home/user/client0.txt /home/user/client1.txtMake sure the file names are fully qualified. In the above example, the file client1.txt has an alias, user, and password that is now similar to the following:
alias1,user1,{xor}LyhuNote: If client1.txt already exists, it must be in codepage 819. The contents of client1.txt will be overwtitten.
Run the launchClient script to specify the location of the text file in the JVM client's system property WAS_AuthDataFile. Enter the following command on the Qshell command line:
/QIBM/ProdData/WebAS5/Base/bin/launchClient myApp.ear -CCDWAS_AuthDataFile=/home/user/client1.txtwhere /home/user/client1 is the fully-qualified path name of the file.
For more information on the launchClient script, see The launchClient script.