Geekflare
[gtranslate]
Geekflare is supported by our audience. We may earn affiliate commissions from buying links on this site.
In WebSphere  |  Last updated: September 6, 2022
Share on:
Invicti Web Application Security Scanner – the only solution that delivers automatic verification of vulnerabilities with Proof-Based Scanning™.

Configure WAS to Stop asking for Password during Shutdown

By
ibm

Are you annoyed with a credential prompt whenever you shut down the DMGR, Nodeagent, or JVM?

Well, not anymore, because you are going to learn how to configure IBM WebSphere Application Server to stop prompting for credentials every time.

was-prompt-password

In default WebSphere installation when security is enabled, you will get a credential prompt as shown below at every shutdown.

The following procedure will help you to configure WAS in such a way that you don’t get a credential prompt anymore during a shutdown.

Note: this must be done at profile levels like DMGR or node agent and assume you are using default connection type (SOAP). So ready?

  • Login into WAS server
  • Go to $PROFILE_HOMEproperties
  • Take a backup of soap.client.props. Or you may also take complete WebSphere configuration backup using backupconfig.sh as explained here.
  • Modify the soap.client.props file using vi and ensure the following three changes.

First– change false to true for SOAP security

com.ibm.SOAP.securityEnabled=true

Second & third – enter user & password, which as administrator role rights.

com.ibm.SOAP.loginUserid=chandan #change this with your environment admin
com.ibm.SOAP.loginPassword=chandan # changed this
  • So here is how file should look like

soap-client-props

  • Test it by restarting respective Node, DMGR, or JVM.

Here is a useful tip

if you notice in the above file you can see user and password as plain text, which you don’t want to in a production environment. It’s recommended to encrypt the password and here is how you can do it.

  • Go to $PROFILE_HOMEbin folder
  • Execute the following command to encrypt the password
./PropFilePasswordEncoder.sh $PROFILE_HOME/properties/soap.client.props com.ibm.SOAP.loginPassword

Example:-

[root@localhost bin]# ./PropFilePasswordEncoder.sh /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/properties/soap.client.props com.ibm.SOAP.loginPassword
[root@localhost bin]#
  • Let’s take a look at the password field now.
com.ibm.SOAP.loginPassword={xor}PDc+MTs+MQ==
  • So you can see it’s encrypted which is much better, isn’t it?

BTW, do you know you can decrypt the XOR password?

Looking to learn WAS administration? Check out this Udemy course.

  • Chandan Kumar
    Author
    As the founder of Geekflare, I’ve helped millions to excel in the digital realm. Passionate about technology, I’m on a mission to explore the world and amplify growth for professionals and businesses alike.
Thanks to our Sponsors
More great readings on WebSphere
Power Your Business
Some of the tools and services to help your business grow.
  • Invicti
    Invicti uses the Proof-Based Scanning™ to automatically verify the identified vulnerabilities and generate actionable results within just hours.
    Try Invicti
  • Brightdata
    Web scraping, residential proxy, proxy manager, web unlocker, search engine crawler, and all you need to collect web data.
    Try Brightdata
  • Monday.com
    Monday.com is an all-in-one work OS to help you manage projects, tasks, work, sales, CRM, operations, workflows, and more.
    Try Monday
  • Intruder
    Intruder is an online vulnerability scanner that finds cyber security weaknesses in your infrastructure, to avoid costly data breaches.
    Try Intruder