Bootstrap FreeKB - IBM WebSphere - username password and the client.props files
IBM WebSphere - username password and the client.props files
Updated:   |  IBM WebSphere articles

Let's say you issue a command on the command line and are prompted for a username and password. For example, this could occur when using the startServer command to start a WebSphere application server.

When you are prompted for a username and password, this means that administrative security is enabled and your username and password have not been defined in the soap.client.props file (for SOAP connections) or sas.client.props file (for RMI or JSR160RMI connections) or ipc.client.props file (for IPC connections).

~]# ${WAS_INSTALL_ROOT}/profiles/your_profile/bin/startServer.sh server1
Username:
Password:

 

One option is to include the -user or -username and -password options on the command line.

${WAS_INSTALL_ROOT}/profiles/your_profile/bin/startServer.sh server1 -user wasadmin -password itsasecret

 

However, the use of the -user and -password options is highly discouraged because the username and password provided could be intercepted using the ps command (Linux).

~]# ps -ef | grep java
com.ibm.ws.admin.services.WsAdmin -user wasadmin -password itsasecret

 

The username and password can be entered in the ${WAS_INSTALL_ROOT}/profiles/your_profile/properties/soap.client.props file for SOAP connections (see -conntype SOAP).

com.ibm.SOAP.securityEnabled=true
com.ibm.SOAP.loginUserid=wasadmin
com.ibm.SOAP.loginPassword=itsasecret
com.ibm.SOAP.loginSource=none

 

Or, the username and password can be entered in the ${WAS_INSTALL_ROOT}/profiles/your_profile/properties/sas.client.props file for RMI or JSR160RMI connections (see -conntype RMI / -conntype JSR160RMI).

com.ibm.CORBA.loginUserid=wasadmin
com.ibm.CORBA.loginPassword=itsasecret
com.ibm.CORBA.loginSource=properties

 

Or, the username and password can be entered in the ${WAS_INSTALL_ROOT}/profiles/your_profile/properties/ipc.client.props file for IPC connections (see -conntype IPC). You will also comment out the login source line.

com.ibm.IPC.loginUserid=wasadmin
com.ibm.IPC.loginPassword=itsasecret
# com.ibm.IPC.loginSource=prompt

 

Or, with the wsadmin command, -conntype NONE can be used, to make an unauthenticated connection.

wsadmin.sh -conntype NONE

 

You may then want to use PropFilePasswordEncoder to XOR encode the cleartext password.

${WAS_INSTALL_ROOT}/profiles/your_profile/bin/PropFilePasswordEncoder.sh ${WAS_INSTALL_ROOT}/profiles/your_profile/properties/soap.client.props com.ibm.SOAP.loginPassword

 

After the PropFilePasswordEncoder script completes, if you re-check the client.props file, you should see something like this.

com.ibm.SOAP.loginPassword={xor}Gi16ABcdAApuAB=

 

Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee


Comments


Add a Comment


Please enter 6a2eb2 in the box below so that we can be sure you are a human.