Question
WebSphere Application Server stores passwords XOR encoded. I'd like to use something stronger. What can I do?
Answers
Prior to WebSphere Application Server V6.0.2, there was little you could do in general. If you didn't like how WebSphere Application Server stored passwords for the J2C resources, you could write you own custom J2C login module to get passwords from a source outside of WebSphere Application Server, but this wouldn't help with other passwords used by WebSphere Application Server: LDAP bind, WebSphere Application Server admin, and so on.

With WebSphere Application Server V6.0.2, you can actually configure your own custom password encoder that can implement whatever protection you deem appropriate. To do this you implement the plugin interface (com.ibm.wsspi.security.crypto.CustomPasswordEncryption) and then specify two custom security properties in security.xml. You can also set these in PropFilePasswordEncoder.bat/sh. The two properties are:

com.ibm.wsspi.security.crypto.customPasswordEncryptionClass
com.ibm.wsspi.security.crypto.customPasswordEncryptionEnabled.

For more information, see the Information Center article: Plug point for custom password encryption.   Your Comment




  • Contributors: *,
More Software Questions..
What is the inputsplit in map reduce software?
What is software configuration management?
What Is Java Api For Xml-based Rpc (jax-rpc)?
How can you implement fine-grained auditing?
What is IBM’s simple explanation for Big Data’s four critical features?
What is static synchronized method in JDBC API? Give an example?
What does the NULLIF function do?
What happens if a start method is not invoked and the run method is directly invoked?
Should we override finalize method
what is the difference between mysql_fetch_array and mysql_fetch_object?
How will XML affect my document links?
Why to use Style Sheets?
What are Filters in MVC?
Can you explain Application layer in OSI model?
How to define new testplan attributes?
What are the minimum system requirements to run Photoshop? Is it possible to run Photoshop over linux?
Which oracle package is used to manage the oracle lock management services?
What is Latch Up? Explain Latch Up with cross section of a CMOS Inverter. How do you avoid Latch Up?
What is marker interface?
What types of partitioning are there for BW?


Search
Can you Answer!!
  • Q How has participating in Sports improved your personality?
  • Q What factors can affect HRP
  • Q What are the after effects?
  • Q Do you plan to continue your education?
  • Q Would it be possible to configure a router for a 255.255.254.0 Ethernet and a 255.255.252.0 serial subnet?
  • Q Caste of a person is determined by:
  • Q What is the theory of Non Symbolic interactionism?
  • Q Is written communication is the transmission of message / information through written words in electronic mails?
  • Q What are the situations under which a copy constructor is used?
  • Q In the western musical terminology, what is meant by "Fortissimo'?
  • Q What are learning strategies and how might they help the design of training programmes?