Support Disclaimer

PLEASE NOTE THAT I WILL NOT OFFER ANY SUPPORT, MODIFICATIONS OR ANSWER QUESTIONS FOR MY FREE JOOMLA EXTENSIONS!

Because of repeatedly bad behavior, discrediting and lack of common sense from a lot of people I have decided to not help anyone anymore for free...

It breaks my heart to have to do this but because of the increasing bad behavior among Internet trolls I feel I have no other option.

There are a very few of you actually bothering to say thanks and even fewer that send a donation now and again and that I really appreciate, the others demanding my time, demanding I make changes for them or the people calling me names because I ask them to check the manual or read the F.A.Q I don't appreciate as much...

Here are a few of the latest months appreciations I have gotten as actual quotes:

From user "Bill": "I know more about webprogramming than you do, so I know that amateurs have no idea, they need testing. I realised, you haven't got the skills to fix anything. You may have good intensions but that is not enough to code."

From Erik: "How do I change width of the popup? This is useless if you cant change the setting. You say it is easy to use, I wasted my time so you need to fix it and send me new program"

From anonymous: "You have to write the worst code ever, I tried to fix your code but it is so bad I can't use it!"

From Dave:  "You claim it's simple then you fix this piece of sh*t code!"

From Greg: "This is the third time I am contacting you to fix the problems I am having. Fix it now or I will contact someone who will and charge you, you f*****g moron"

 

CLOSE THIS BOX

So, into IBM WebSphere stuff?

Me too... or rather that is what I am working with. Mostly WebSphere Partner Gateway (WPG) and WebSphere Transformation Extender (WTX) but also some MQ of course and a little WebSphere Message Broker (WMB) from time to time.

This would serve as my repository for neat tricks and stuff I need to remember...

 

As horrible as can be, but unfortunately IBM does not really hash their passwords in, for example, Security.xml.

Did you forget your keystore or DB password?

Don't sweat it, just copy the {xor} string and head over to:

http://www.sysman.nl/wasdecoder/

You can also do it on the server with the WAS installation.

/opt/ibm/AppServer/java/bin> ./java -cp ../../bin/ProfileManagement/plugins/com.ibm.websphere.v61_6.1.200/ws_runtime.jar com.ibm.ws.security.util.PasswordDecoder {xor}CDo9Hgw=

Result:
encoded password == "{xor}CDo9Hgw=", decoded password == "WebAS"

Stopping the application server when Administrative Security is enabled



While the command to start the application server is still the same when administrative security is enabled, stopping the server requires extra information.
You must specify a user ID with administrator role rights, or the primary administrative user name specified in the user account repository and its password, in the stopServer command:

\bin\stopServer.bat/sh -username -password

For WebSphere Application Server running under a UNIX-based operating system (OS), the previously mentioned command (the UNIX equivalent) carries a serious security problem. Anyone who uses the ps -ef command while the stopServer process is running can see the user ID and the password.
To avoid this problem:

1. If you are using the SOAP connection type (default) to stop the server, edit the \profiles\\properties\soap.client.props file. Then, change the values of the following properties:

com.ibm.SOAP.securityEnabled=true
com.ibm.SOAP.loginUserid=
com.ibm.SOAP.loginPassword=

with administrator role rights or the primary administrative user name defined in the user account repository.

2. Encode the com.ibm.SOAP.loginPassword property value as follows:

\bin\PropFilePasswordEncoder.bat/sh soap.client.props
com.ibm.SOAP.loginPassword

Examine the result and remove the soap.client.props.bak backup file, that was created by the previous command. This file contains the unencrypted password.

3. Make sure that proper file access rights for sensitive WebSphere Application Server files, such as properties files and executable files, are set. At a minimum, ensure that permissions prevent general users from accessing these files. WebSphere administrators must be the only users that are granted access to these files. For optimal security, access to the entire WebSphere directory tree must be removed for general users.
Whether administrative security is enabled or disabled, stop the WebSphere Application Server as follows:

\bin\stopServer.bat/sh

 

Please consider supporting my efforts.

Amount: 

Thursday the 28th. Wasen.net.