PropFilePasswordEncoder command reference

The PropFilePasswordEncoder command encodes passwords that are located in plain text property files. This command encodes both Secure Authentication Server (SAS) property files and non-SAS property files. After you encode the passwords, a decoding command does not exist.

Avoid trouble [Fix Pack 11 or later] Avoid trouble: If you need to custom encode passwords in property files, manually edit the PropFilePasswordEncoder.sh or PropFilePasswordEncoder.bat file before issuing this command. See the topic Implementing custom password encryption for a description of the lines that need to be added to this file.gotcha
Note: To enable PropFilePasswordEncoder to print out more a debug message than in previous releases, update the command by entering the following:
-Dcom.ibm.websphere.security.passwordEncoderDebug=true

To encode passwords, you must run this command from the directory:

Syntax

[AIX Solaris HP-UX Linux Windows] [z/OS] The command syntax is as follows:
PropFilePasswordEncoder "file_name" { passwordPropertiesList | -SAS } { -noBackup | -Backup } 
    [ -profileName profile ] [ -help | -? ]

Parameters

The following option is available for the PropFilePasswordEncoder command:

file_name [AIX Solaris HP-UX Linux Windows] [z/OS]
This required parameter specifies the name of the file in which passwords are encoded.
passwordPropertiesList
This parameter is required if you are encoding passwords in property files other than the sas.client.props file. Specify one or more password properties that you want to encode. The password properties list should be delimited by commas.
-SAS
This parameter is required if you are encoding passwords in the sas.client.props file.
-noBackup
This parameter is optional and the default. The script does not create a backup file. The default value can be altered by adding following Java System Property: "-Dcom.ibm.websphere.security.util.createBackup=true".
-Backup
This parameter is optional. The script creates a backup file, <file_name>.bak, which contains passwords in clear text.
-profileName [AIX Solaris HP-UX Linux Windows] [z/OS]
This parameter is optional. The profile value specifies an application server profile name. The script uses the password encoding algorithm that it retrieves from the specified profile. If you do not specify this parameter, the script uses the default profile.
-help or -?
If you specify this parameter, the script ignores all other parameters and displays usage text.

Example




Related tasks
[AIX Solaris HP-UX Linux Windows] [z/OS] Encoding passwords in files
Implementing custom password encryption
Reference topic Reference topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Jun 11, 2013 8:40:09 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=v701sca&product=was-nd-mp&topic=rsec_propfilepwdencoder
File name: rsec_propfilepwdencoder.html