Portal, V6.1
Masking passwords in External Security Manager properties files
WAS has an encoding mechanism to mask the passwords and remove all comments from the
production versions of properties files.To mask passwords and/or change masked passwords:
Masking passwords is optional and is only valid for the following scenarios:
- Configure IBM Tivoli Access Manager for e-business to perform authorization
- Configure the Credential Vault adapter for Tivoli Access Manager
- Configure Computer Associates eTrust SiteMinder to perform authorization
- Complete all edits to the two Services.
- Save changes.
- Run the appropriate task from the WP_PROFILE/bin directory to encode the password for a specific parameter within your properties file:
where filename is the name of the target properties file for password encoding and param_name is the name of the specific property to be encoded. If no property name is specified, all properties in the file will be encoded. The following parameters are likely to contain secure information and should be encoded:
Option Description Windows PropFilePasswordEncoder.bat filename param_name UNIX ./PropFilePasswordEncoder.sh filename param_name
- ExternalAccessControl.pdpw (policy director password)
- ExternalAccessControl.password
- ExternalAccessControl.Agentsecret
- pdpw
- To change masked passwords:
- Use the WAS encoding mechanism to enter the new password in clear text.
- Run the WAS encoding batch file on the new production file. The backup copy still exists with no password but with the comments preserved.
Parent topic
External security managers