![](/base_images/jeremy.jpg)
Let's say you issue a command on the command line and are prompted for a username and password. For example, this could occur when using the startServer command to start a WebSphere application server.
When you are prompted for a username and password, this means that administrative security is enabled and your username and password have not been defined in the soap.client.props file (for SOAP connections) or sas.client.props file (for RMI or JSR160RMI connections) or ipc.client.props file (for IPC connections).
~]# ${WAS_INSTALL_ROOT}/profiles/your_profile/bin/startServer.sh server1
Username:
Password:
One option is to include the -user or -username and -password options on the command line.
${WAS_INSTALL_ROOT}/profiles/your_profile/bin/startServer.sh server1 -user wasadmin -password itsasecret
However, the use of the -user and -password options is highly discouraged because the username and password provided could be intercepted using the ps command (Linux).
~]# ps -ef | grep java
com.ibm.ws.admin.services.WsAdmin -user wasadmin -password itsasecret
The username and password can be entered in the ${WAS_INSTALL_ROOT}/profiles/your_profile/properties/soap.client.props file for SOAP connections (see -conntype SOAP).
com.ibm.SOAP.securityEnabled=true
com.ibm.SOAP.loginUserid=wasadmin
com.ibm.SOAP.loginPassword=itsasecret
com.ibm.SOAP.loginSource=none
Or, the username and password can be entered in the ${WAS_INSTALL_ROOT}/profiles/your_profile/properties/sas.client.props file for RMI or JSR160RMI connections (see -conntype RMI / -conntype JSR160RMI).
com.ibm.CORBA.loginUserid=wasadmin
com.ibm.CORBA.loginPassword=itsasecret
com.ibm.CORBA.loginSource=properties
Or, the username and password can be entered in the ${WAS_INSTALL_ROOT}/profiles/your_profile/properties/ipc.client.props file for IPC connections (see -conntype IPC). You will also comment out the login source line.
com.ibm.IPC.loginUserid=wasadmin
com.ibm.IPC.loginPassword=itsasecret
# com.ibm.IPC.loginSource=prompt
Or, with the wsadmin command, -conntype NONE can be used, to make an unauthenticated connection.
wsadmin.sh -conntype NONE
You may then want to use PropFilePasswordEncoder to XOR encode the cleartext password.
${WAS_INSTALL_ROOT}/profiles/your_profile/bin/PropFilePasswordEncoder.sh ${WAS_INSTALL_ROOT}/profiles/your_profile/properties/soap.client.props com.ibm.SOAP.loginPassword
After the PropFilePasswordEncoder script completes, if you re-check the client.props file, you should see something like this.
com.ibm.SOAP.loginPassword={xor}Gi16ABcdAApuAB=
Did you find this article helpful?
If so, consider buying me a coffee over at