APAR status
Closed as program error.
Error description
The password is stored in clear text in the bootstrap.properties file for Liberty Profile or in the JVM custom properties for WebSphere Application Server V7.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: * * Administrators working with either the WebSphere Application * * Server v7 or Liberty Profile configurations where ACL * * management uses an LDAP server that doesn't authorize * * anonymous access. * **************************************************************** * PROBLEM DESCRIPTION: * * The password value of the * * 'ibm.appcenter.ldap.security.bindpwd' property is stored in * * clear text. Per a security policy, it could be required that * * this property be encoded with the WebSphere encoding tool. * **************************************************************** * RECOMMENDATION: * ****************************************************************
Problem conclusion
The fix allows the 'ibm.appcenter.ldap.security.bindpwd' property to be encoded with the WebSphere encoding tool. For Liberty Profile run the securityUtility command that generates an encoded password and set the 'ibm.appcenter.ldap.security.bindpwd' property with the encoded password in the boostrap.properties file. For WebSphere Application Server V7 run the PropFilePasswordEncoder utility tool that generates an encoded password and set the 'ibm.appcenter.ldap.security.bindpwd' property with the encoded password in the JVM custom property. For the Liberty Profile the server.xml file will need to be edited to enable the classloader to load the encoder jar file. Edit the server.xml file and add the following entry inside the <application context-root="applicationcenter" > entry just before the </application> tag : <classloader delegation="parentLast"> <commonLibrary> <fileset dir="${wlp.install.dir}/lib" includes="com.ibm.ws.crypto.passwordutil_1.0.jar"/> </commonLibrary> </classloader> The fix for this APAR is currently targeted for inclusion in fixpack 5.0.6.1.
Temporary fix
Comments
APAR Information
APAR number
PM88444
Reported component name
WORKLIGHT CONSU
Reported component ID
5725I4301
Reported release
505
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2013-05-04
Closed date
2013-05-04
Last modified date
2013-05-04
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WORKLIGHT CONSU
Fixed component ID
5725I4301
Applicable component levels
R505 PSY
UP
R506 PSY
UP
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSZH4A","label":"IBM Worklight"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"505","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
04 May 2013