Every WebSphere environment has a soap.client.props file which administrators can populate with the credentials to stop an application server, nodeagent or deployment manager. Unfortunately in most circumstances, the password is left in plain text which leaves the server vulnerable to anyone snooping around. However, there is a solution! WebSphere includes an application which can encrypt the password. Here’s how you do it.
1. Open the soap.client.props file and populate the username and password if you have not done so already.
com.ibm.SOAP.loginUserid=wasadmin
com.ibm.SOAP.loginPassword=<password>
2. Open a command prompt or terminal session.
3. Change directories to
<WASInstallDir>\profiles\<profile>\bin
For example
C:\IBM\WebSphere\AppServer\profiles\STSCAppProfile\bin
4. Execute the command
PropFilePasswordEncoder.(sh/bat) <Full Path to soap.client.props> com.ibm.SOAP.loginPassword
The command should look like:
PropFilePasswordEncoder.bat C:\IBM\WebSphere\AppServer\profiles\STSCAppProfile\properties\soap.client.props com.ibm.SOAP.loginPassword
4. Check to ensure the password has been encoded:
com.ibm.SOAP.loginUserid=wasadmin
com.ibm.SOAP.loginPassword={xor}Lz4sLCgwLTs=
That’s it! Simple right?
