Masking passwords in External Security Manager properties files

 

+

Search Tips   |   Advanced Search

 

WAS has an encoding mechanism to mask the passwords and remove all comments from the production versions of properties files.

To mask passwords and/or change masked passwords:

Masking passwords is optional and is only valid for the following scenarios:

Procedure...

  1. Complete all edits to the two Services.

  2. Save changes.

  3. To encode the password for a specific parameter within your properties file...

      cd profile_root/bin
      ./PropFilePasswordEncoder.sh filename param_name

    ...where filename is the name of the target properties file for password encoding and param_name is the name of the specific property to be encoded. If no property name is specified, all properties in the file will be encoded. The following parameters are likely to contain secure information and should be encoded:

    • ExternalAccessControl.pdpw (policy director password)
    • ExternalAccessControl.password
    • ExternalAccessControl.Agentsecret
    • pdpw

  4. To change masked passwords:

    1. Use the WAS encoding mechanism to enter the new password in clear text.

    2. Run the WAS encoding batch file on the new production file. The backup copy still exists with no password but with the comments preserved.


Parent topic:

External security managers