Discussion:
Need referral - Websphere script w/o passwords
(too old to reply)
Linda Hagedorn
2017-08-07 22:58:10 UTC
Permalink
Raw Message
This is regarding Websphere. I've inherited a WAS platform with scripts containing passwords in clear text. I have to remediate this, and came to ibm-main for advice. This is on AIX. I normally manage DB2 on Z, and just accepted the WAS area.

Can anyone refer me to a manual, Redbook, or best practice for options? Encrypted pw file? System parm for NOPASSWORD? Any information or referral is appreciated. Thanks, Linda

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Melich, Istvan
2017-08-08 07:51:52 UTC
Permalink
Raw Message
Hi Linda,

Years ago I used soap.client.props for this, base64 decoded passwords are not so secure, but with strict file permissions (e.g. perm 660 or 640) this way might be acceptable. If you use wsadmin, it can be configured to use soap.client.props files for authentication purposes.
Post by Linda Hagedorn
This is regarding Websphere. I've inherited a WAS platform with scripts containing passwords in clear text. I have to remediate this, and came to ibm-main for advice. This is on AIX. I normally manage DB2 on Z, and just accepted the WAS area.
Can anyone refer me to a manual, Redbook, or best practice for options? Encrypted pw file? System parm for NOPASSWORD? Any information or referral is appreciated. Thanks, Linda
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
--
Thanks and regards: Melich, Istvan

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Linda Hagedorn
2017-08-08 15:36:58 UTC
Permalink
Raw Message
Thank you. I'll read up.

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Rob Schramm
2017-08-14 17:14:19 UTC
Permalink
Raw Message
Long time ago in a Websphere far away, one of the admins was encoding
passwords b64 in ANT scripts.

Not really secure.. but better than nothing.

Rob Schramm
Post by Linda Hagedorn
Thank you. I'll read up.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
--
Rob Schramm

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Loading...