UNIX system and Linux: Securing the administrative user name and password

On the UNIX system and Linux, perform the steps outlined in this topic to avoid being prompted for the WebSphere Application Server administrative user name and password when running the stopServer.sh script from the command line.
About this task
On the UNIX system and Linux, passing the WebSphere Application Server administrative user name and password to the stopServer.sh script exposes the user name and password to anyone who issues the ps -ef command. To avoid being prompted for the administrative user name and password, perform the following steps:
The following variables are used in path names in this topic:
admin-user-name
WebSphere Application Server administrative user name
admin-password
WebSphere Application Server administrative password
RATIONAL_COMMON
Directory where the Rational common files are installed
  1. Navigate to the properties directory associated with the CM Server profile:
    cd $RATIONAL_COMMON/CM/profiles/cmprofile/properties
  2. Edit the file soap.client.props and change the values of the following properties:
    • com.ibm.SOAP.securityEnabled=true
    • com.ibm.SOAP.loginUserid=admin-user-name
    • com.ibm.SOAP.loginPassword=admin-password
  3. Encode the property value com.ibm.SOAP.loginPassword by running the script PropFilePasswordEncoder.sh in a command prompt window:
    $RATIONAL_COMMON/eWAS/bin/PropFilePasswordEncoder.sh soap.client.props com.ibm.SOAP.loginPassword
  4. Verify that the password is encoded and then remove the file soap.client.props.bak.
  5. Check that the proper file permissions are set for sensitive WebSphere Application Server files, such as properties files and executable files. At a minimum, check that the permissions are set to prevent general users from accessing these files. Only WebSphere Application Server administrators should be granted access to these files.

Feedback