PK04255: APPLICATION SERVER STARTUP SHOWS NON-ENCRYPTED PASSWORD FOR LDAPUSERREGISTRY SERVER PASSWORD

 Fixes are available

5.1.1.17: WebSphere Application Server V5.1.1 Cumulative Fix 17 for AIX
5.1.1.17: WebSphere Application Server V5.1.1 Cumulative Fix 17 for HP-UX
5.1.1.19: WebSphere Application Server V5.1.1 Cumulative Fix 19 for Linux
5.1.1.16: WebSphere Application Server V5.1.1 Cumulative Fix 16 for AIX
6.0.2.25: WebSphere Application Server V6.0.2 Fix Pack 25 for AIX platforms
5.1.1.18: WebSphere Application Server V5.1.1 Cumulative Fix 18 for AIX
5.1.1.18: WebSphere Application Server V5.1.1 Cumulative Fix 18 for HP-UX
6.0.2.27: WebSphere Application Server V6.0.2 Fix Pack 27 for HP-UX platforms
5.1.1.18: WebSphere Application Server V5.1.1 Cumulative Fix 18 for Solaris
5.1.1.18: WebSphere Application Server V5.1.1 Cumulative Fix 18 for Windows
6.0.2.27: WebSphere Application Server V6.0.2 Fix Pack 27 for OS/400 platform
6.0.2.27: WebSphere Application Server V6.0.2 Fix Pack 27 for Solaris
6.0.2.27: WebSphere Application Server V6.0.2 Fix Pack 27 for Windows platforms
6.0.2.27: WebSphere Application Server V6.0.2 Fix Pack 27 for AIX platforms
6.0.2.25: WebSphere Application Server V6.0.2 Fix Pack 25 for HP-UX platforms
6.0.2.23: WebSphere Application Server V6.0.2 Fix Pack 23 for HP-UX platforms
5.1.1.18: WebSphere Application Server V5.1.1 Cumulative Fix 18 for Linux
5.1.1.17: WebSphere Application Server V5.1.1 Cumulative Fix 17 for Linux
5.1.1.17: WebSphere Application Server V5.1.1 Cumulative Fix 17 for Solaris
5.1.1.17: WebSphere Application Server V5.1.1 Cumulative Fix 17 for Windows
6.0.2.23: WebSphere Application Server V6.0.2 Fix Pack 23 for AIX platforms
6.0.2: WebSphere Application Server V6.0 Refresh Pack 2 for AIX platforms
5.0.2.17: WebSphere Application Server 5.0.2 Cumulative Fix 17 for Solaris
5.0.2.17: WebSphere Application Server 5.0.2 Cumulative Fix 17 for Windows
5.0.2.14: WebSphere Application Server 5.0.2 Cumulative Fix 14 for Solaris
5.1.1.10: WebSphere Application Server V5.1.1 Cumulative Fix 10 for Windows
6.0.2.3: WebSphere Application Server V6.0.2 Fix Pack 3 for AIX platforms
6.0.2.1: WebSphere Application Server V6.0.2 Fix Pack 1 for HP-UX platforms
5.1.1.10: WebSphere Application Server V5.1.1 Cumulative Fix 10 for AIX
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for AIX
5.0.2.14: WebSphere Application Server 5.0.2 Cumulative Fix 14 for Linux
5.1.1.19: WebSphere Application Server V5.1.1 Cumulative Fix 19 for AIX
6.0.2.29: WebSphere Application Server V6.0.2 Fix Pack 29 for AIX platforms
6.0.2.29: WebSphere Application Server V6.0.2 Fix Pack 29 for HP-UX platforms
6.0.2.29: WebSphere Application Server V6.0.2 Fix Pack 29 for Linux platforms
V6.0.2: Java SDK 1.4.2 SR11 Cumulative Fix for IBM WebSphere Application Server
6.0.2.29: WebSphere Application Server V6.0.2 Fix Pack 29 for Solaris
6.0.2.29: WebSphere Application Server V6.0.2 Fix Pack 29 for Windows platforms
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for Windows
6.0.2.27: WebSphere Application Server V6.0.2 Fix Pack 27 for Linux platforms
5.1.1.19: WebSphere Application Server V5.1.1 Cumulative Fix 19 for Windows
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for HP-UX
5.1.1.9: WebSphere Application Server V5.1.1 Cumulative Fix 9 for Solaris
6.0.2.1: WebSphere Application Server V6.0.2 Fix Pack 1 for Linux platforms
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for Solaris
6.0.2.3: WebSphere Application Server V6.0.2 Fix Pack 3 for Linux platforms
5.0.2.15: WebSphere Application Server 5.0.2 Cumulative Fix 15 for Windows
5.0.2.15: WebSphere Application Server 5.0.2 Cumulative Fix 15 for Solaris
5.0.2.15: WebSphere Application Server 5.0.2 Cumulative Fix 15 for AIX
5.1.1.9: WebSphere Application Server V5.1.1 Cumulative Fix 9 for AIX
5.0.2.15: WebSphere Application Server 5.0.2 Cumulative Fix 15 for Linux
6.0.2: WebSphere Application Server V6.0 Refresh Pack 2 for HP-UX platforms
6.0.2: WebSphere Application Server V6.0 Refresh Pack 2 for OS/400 platforms
5.0.2.12: WebSphere Application Server 5.0.2 Cumulative Fix 12
5.1.1.6: WebSphere Application Server Version 5.1.1 Cumulative Fix 6
6.0.2.1: WebSphere Application Server V6.0.2 Fix Pack 1 for AIX platforms
6.0.2.1: WebSphere Application Server V6.0.2 Fix Pack 1 for Solaris platforms
6.0.2.1: WebSphere Application Server V6.0.2 Fix Pack 1 for Windows platforms
5.1.1.7: WebSphere Application Server Version 5.1.1 Cumulative Fix 7
5.0.2.14: WebSphere Application Server 5.0.2 Cumulative Fix 14 for HP-UX
5.0.2.14: WebSphere Application Server 5.0.2 Cumulative Fix 14 for AIX
6.0.2.5: WebSphere Application Server V6.0.2 Fix Pack 5 for Solaris platforms
5.1.1.9: WebSphere Application Server V5.1.1 Cumulative Fix 9 for Windows
5.0.2.17: WebSphere Application Server 5.0.2 Cumulative Fix 17 for HP-UX
5.0.2.17: WebSphere Application Server 5.0.2 Cumulative Fix 17 for AIX
6.0.2.7: WebSphere Application Server V6.0.2 Fix Pack 7 for Solaris platforms
5.1.1.11: WebSphere Application Server V5.1.1 Cumulative Fix 11 for AIX
5.0.2.17: WebSphere Application Server 5.0.2 Cumulative Fix 17 for Linux
5.1.1.10: WebSphere Application Server V5.1.1 Cumulative Fix 10 for HP-UX
6.0.2.9: WebSphere Application Server V6.0.2 Fix Pack 9 for Windows platforms
6.0.2: WebSphere Application Server V6.0 Refresh Pack 2 for Solaris platforms
5.1.1.10: WebSphere Application Server V5.1.1 Cumulative Fix 10 for Linux
6.0.2.7: WebSphere Application Server V6.0.2 Fix Pack 7 for AIX platforms
5.1.1.9: WebSphere Application Server V5.1.1 Cumulative Fix 9 for HP-UX
5.1.1.9: WebSphere Application Server V5.1.1 Cumulative Fix 9 for Linux
5.0.2.16: WebSphere Application Server 5.0.2 Cumulative Fix 16 for HP-UX
5.1.1.12: WebSphere Application Server V5.1.1 Cumulative Fix 12 for Windows
5.0.2.16: WebSphere Application Server 5.0.2 Cumulative Fix 16 for Solaris
5.0.2.16: WebSphere Application Server 5.0.2 Cumulative Fix 16 for Windows
5.0.2.16: WebSphere Application Server 5.0.2 Cumulative Fix 16 for AIX
5.1.1.11: WebSphere Application Server V5.1.1 Cumulative Fix 11 for Windows
5.1.1.16: WebSphere Application Server V5.1.1 Cumulative Fix 16 for Solaris
6.0.2.11: WebSphere Application Server V6.0.2 Fix Pack 11 for Solaris platforms
5.0.2.18: WebSphere Application Server 5.0.2 Cumulative Fix 18 for Solaris
5.1.1.11: WebSphere Application Server V5.1.1 Cumulative Fix 11 for Linux
5.0.2.18: WebSphere Application Server 5.0.2 Cumulative Fix 18 for Windows
5.0.2.18: WebSphere Application Server 5.0.2 Cumulative Fix 18 for HP-UX
5.0.2.18: WebSphere Application Server 5.0.2 Cumulative Fix 18 for AIX
5.1.1.16: WebSphere Application Server V5.1.1 Cumulative Fix 16 for Windows
5.1.1.14: WebSphere Application Server V5.1.1 Cumulative Fix 14 for Solaris
6.0.2.13: WebSphere Application Server V6.0.2 Fix Pack 13 for AIX platforms
5.0.2.14: WebSphere Application Server 5.0.2 Cumulative Fix 14 for Windows
6.0.2.13: WebSphere Application Server V6.0.2 Fix Pack 13 for HP-UX platforms
6.0.2.11: WebSphere Application Server V6.0.2 Fix Pack 11 for Windows platforms
6.0.2.11: WebSphere Application Server V6.0.2 Fix Pack 11 for HP-UX platforms
6.0.2.11: WebSphere Application Server V6.0.2 Fix Pack 11 for Linux platforms
6.0.2.13: WebSphere Application Server V6.0.2 Fix Pack 13 for Windows platforms
6.0.2.13: WebSphere Application Server V6.0.2 Fix Pack 13 for Linux platforms
5.1.1.12: WebSphere Application Server V5.1.1 Cumulative Fix 12 for AIX
5.1.1.12: WebSphere Application Server V5.1.1 Cumulative Fix 12 for Linux
6.0.2.15: WebSphere Application Server V6.0.2 Fix Pack 15 for OS/400
5.1.1.12: WebSphere Application Server V5.1.1 Cumulative Fix 12 for HP-UX
6.0.2.15: WebSphere Application Server V6.0.2 Fix Pack 15 for HP-UX
6.0.2.9: WebSphere Application Server V6.0.2 Fix Pack 9 for Solaris platforms
6.0.2.3: WebSphere Application Server V6.0.2 Fix Pack 3 for HP-UX platforms
5.1.1.12: WebSphere Application Server V5.1.1 Cumulative Fix 12 for Solaris
6.0.2.3: WebSphere Application Server V6.0.2 Fix Pack 3 for Windows platforms
6.0.2.5: WebSphere Application Server V6.0.2 Fix Pack 5 for HP-UX platforms
6.0.2.5: WebSphere Application Server V6.0.2 Fix Pack 5 for AIX platforms
6.0.2.7: WebSphere Application Server V6.0.2 Fix Pack 7 for HP-UX platforms
6.0.2.7: WebSphere Application Server V6.0.2 Fix Pack 7 for Linux platforms
6.0.2.7: WebSphere Application Server V6.0.2 Fix Pack 7 for Windows platforms
6.0.2.9: WebSphere Application Server V6.0.2 Fix Pack 9 for AIX platforms
6.0.2.9: WebSphere Application Server V6.0.2 Fix Pack 9 for HP-UX platforms
6.0.2.9: WebSphere Application Server V6.0.2 Fix Pack 9 for Linux platforms
6.0.2.1: WebSphere Application Server V6.0.2 Fix Pack 1 for OS/400 platform
5.1.1.11: WebSphere Application Server V5.1.1 Cumulative Fix 11 for Solaris
6.0.2.3: WebSphere Application Server V6.0.2 Fix Pack 3 for Solaris platforms
6.0.2.25: WebSphere Application Server V6.0.2 Fix Pack 25 for Linux platforms
5.1.1.13: WebSphere Application Server V5.1.1 Cumulative Fix 13 for AIX
6.0.2.25: WebSphere Application Server V6.0.2 Fix Pack 25 for Solaris
6.0.2.25: WebSphere Application Server V6.0.2 Fix Pack 25 for Windows platforms
5.1.1.13: WebSphere Application Server V5.1.1 Cumulative Fix 13 for Windows
5.0.2.13: WebSphere Application Server 5.0.2 Cumulative Fix 13
5.1.1.13: WebSphere Application Server V5.1.1 Cumulative Fix 13 for HP-UX
5.1.1.15: WebSphere Application Server V5.1.1 Cumulative Fix 15 for Solaris
5.1.1.13: WebSphere Application Server V5.1.1 Cumulative Fix 13 for Solaris
5.1.1.13: WebSphere Application Server V5.1.1 Cumulative Fix 13 for Linux
6.0.2.15: WebSphere Application Server V6.0.2 Fix Pack 15 for AIX
6.0.2.15: WebSphere Application Server V6.0.2 Fix Pack 15 for Solaris
6.0.2.19: WebSphere Application Server V6.0.2 Fix Pack 19 for AIX platforms
6.0.2.17: WebSphere Application Server V6.0.2 Fix Pack 17 for OS/400 platform
6.0.2.17: WebSphere Application Server V6.0.2 Fix Pack 17 for Solaris
6.0.2.17: WebSphere Application Server V6.0.2 Fix Pack 17 for Windows platforms
6.0.2.17: WebSphere Application Server V6.0.2 Fix Pack 17 for HP-UX platforms
6.0.2.17: WebSphere Application Server V6.0.2 Fix Pack 17 for AIX platforms
5.1.1.14: WebSphere Application Server V5.1.1 Cumulative Fix 14 for AIX
5.1.1.14: WebSphere Application Server V5.1.1 Cumulative Fix 14 for Linux
5.1.1.14: WebSphere Application Server V5.1.1 Cumulative Fix 14 for Windows
6.0.2: WebSphere Application Server V6.0 Refresh Pack 2 for Windows platforms
6.0.2: WebSphere Application Server V6.0 Refresh Pack 2 for Linux platforms
5.1.1.15: WebSphere Application Server V5.1.1 Cumulative Fix 15 for Windows
5.0.2.18: WebSphere Application Server 5.0.2 Cumulative Fix 18 for Linux
6.0.2.5: WebSphere Application Server V6.0.2 Fix Pack 5 for Windows platforms
5.1.1.11: WebSphere Application Server V5.1.1 Cumulative Fix 11 for HP-UX
5.1.1.14: WebSphere Application Server V5.1.1 Cumulative Fix 14 for HP-UX
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for Linux
6.0.2.5: WebSphere Application Server V6.0.2 Fix Pack 5 for Linux platforms
5.0.2.15: WebSphere Application Server 5.0.2 Cumulative Fix 15 for HP-UX
6.0.1.2: WebSphere Application Server Version 6.0.1 Fix Pack 2
5.0.2.16: WebSphere Application Server 5.0.2 Cumulative Fix 16 for Linux
5.1.1.10: WebSphere Application Server V5.1.1 Cumulative Fix 10 for Solaris
6.0.2.11: WebSphere Application Server V6.0.2 Fix Pack 11 for AIX platforms
6.0.2.19: WebSphere Application Server V6.0.2 Fix Pack 19 for HP-UX platforms
6.0.2.19: WebSphere Application Server V6.0.2 Fix Pack 19 for Windows platforms
6.0.2.13: WebSphere Application Server V6.0.2 Fix Pack 13 for Solaris platform
6.0.2.19: WebSphere Application Server V6.0.2 Fix Pack 19 for OS/400 platform
5.1.1.15: WebSphere Application Server V5.1.1 Cumulative Fix 15 for AIX
5.1.1.15: WebSphere Application Server V5.1.1 Cumulative Fix 15 for HP-UX
6.0.2.21: WebSphere Application Server V6.0.2 Fix Pack 21 for HP-UX platforms
6.0.2.21: WebSphere Application Server V6.0.2 Fix Pack 21 for Linux platforms
5.1.1.16: WebSphere Application Server V5.1.1 Cumulative Fix 16 for HP-UX
5.1.1.16: WebSphere Application Server V5.1.1 Cumulative Fix 16 for Linux
6.0.2.23: WebSphere Application Server V6.0.2 Fix Pack 23 for Windows platforms
6.0.2.23: WebSphere Application Server V6.0.2 Fix Pack 23 for Solaris
6.0.2.23: WebSphere Application Server V6.0.2 Fix Pack 23 for OS/400 platform
6.0.2.15: WebSphere Application Server V6.0.2 Fix Pack 15 for Windows
5.1.1.15: WebSphere Application Server V5.1.1 Cumulative Fix 15 for Linux
6.0.2.23: WebSphere Application Server V6.0.2 Fix Pack 23 for Linux platforms
6.0.2.21: WebSphere Application Server V6.0.2 Fix Pack 21 for AIX platforms
6.0.2.21: WebSphere Application Server V6.0.2 Fix Pack 21 for Windows platforms
6.0.2.21: WebSphere Application Server V6.0.2 Fix Pack 21 for Solaris platforms
6.0.2.19: WebSphere Application Server V6.0.2 Fix Pack 19 for Solaris
6.0.2.17: WebSphere Application Server V6.0.2 Fix Pack 17 for Linux platforms
6.0.2.19: WebSphere Application Server V6.0.2 Fix Pack 19 for Linux platforms
5.1.1.19: WebSphere Application Server V5.1.1 Cumulative Fix 19 for HP-UX
6.0.2.31: WebSphere Application Server V6.0.2 Fix Pack 31 for AIX platforms
6.0.2.31: WebSphere Application Server V6.0.2 Fix Pack 31 for HP-UX platforms
6.0.2.31: WebSphere Application Server V6.0.2 Fix Pack 31 for OS/400 platform
6.0.2.31: WebSphere Application Server V6.0.2 Fix Pack 31 for Linux platforms
6.0.2.31: WebSphere Application Server V6.0.2 Fix Pack 31 for Solaris
6.0.2.31: WebSphere Application Server V6.0.2 Fix Pack 31 for Windows platforms



APAR status
Closed as program error.

Error description
Startup of the Application Server shows the non-encrypted password
for the LDAPUserRegistry. The following lines show where the
value for serverPassword is not encrypted. It shows:
 serverPassword: pword1
The password should be encrypted.

Entries from the Application Server startup that show the
problem:

DocAccessor   < lookup
  com.ibm.websphere.models.config.security.impl.
  LDAPUserRegistryImpl@18205
  (serverId: uid=userid1,cn=users,l=location,
  st=massachusetts,c=us,ou=lotus,o=software group,dc=ibm,dc=com,
  serverPassword: pword1,
  realm: ids52ldap.notesdev.ibm.com:389,
  limit: <unset>, ignoreCase: true) (type: IBM_DIRECTORY_SERVER,
  sslEnabled: false, sslConfig: p650-3lpar4/DefaultSSLSettings,
  baseDN: l=location,st=massachusetts,c=us,ou=lotus,
  o=software group,dc=ibm,dc=com,
  bindDN: uid=userid2,cn=users,l=location,st=massachusetts,
  c=us,ou=lotus,o=software group,dc=ibm,dc=com,
  bindPassword: pword2, searchTimeout: 120,
  monitorInterval: <unset>, reuseConnection: false)

MOFUtil       > getAttribute
  com.ibm.websphere.models.config.security.impl.
  LDAPUserRegistryImpl@182057d3 (serverId: uid=userid1,
  cn=users,l=location,st=massachusetts,c=us,ou=lotus,o=software
  group,dc=ibm,dc=com, serverPassword: pword1,
  realm: ids52ldap.notesdev.ibm.com:389, limit: <unset>,
  ignoreCase: true)
  (type: IBM_DIRECTORY_SERVER, sslEnabled: false,
  sslConfig: p650-3lpar4/DefaultSSLSettings,
  baseDN: l=location,st=massachusetts,c=us,ou=lotus,
  o=software group,dc=ibm,dc=com,
  bindDN: uid=userid2,cn=users,l=location,st=massachusetts,
  c=us,ou=lotus,o=software group,dc=ibm,dc=com,
  bindPassword: pword2, searchTimeout: 120,
  monitorInterval: <unset>, reuseConnection: false) serverId
Local fix
Search Keywords: clear unencrypted encryption security LDAP
pass word passwords UserRegistry appserver dmgr nodeagent
portal portlet portalserver
Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application server users that      *
*                 are using the LDAP User Registry function.   *
****************************************************************
* PROBLEM DESCRIPTION: LDAP User Registry passwords were       *
*                      displayed in log files.                 *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
The logging function used model-to-string conversion methods,
which displayed password values in plain text.  The conversion
methods must not display the password values.
Problem conclusion
The conversion methods were updated to display a fixed list of
asterisks instead of the password value.

The modelling policies were updated to require that model
developers update their conversion methods to prevent passwords
from being displayed.
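
Added example, not IBM code: a scanner for trace output in the format shown under "Error description" that reports any serverPassword or bindPassword attribute whose value is not a run of asterisks, for checking logs written before the fix was applied. The sample trace lines are constructed, and the rule that a masked value consists only of asterisks is an assumption based on the problem conclusion above.

```python
import re

# Attribute names taken from the trace excerpt in this APAR.
PASSWORD_KEYS = ("serverPassword", "bindPassword")

# "key: value", where the value runs to the next comma, ")" or whitespace.
_FIELD = re.compile(r"\b(%s):\s*([^,)\s]+)" % "|".join(PASSWORD_KEYS))
_MASKED = re.compile(r"^\*+$")   # assumption: fixed levels print only asterisks
_UNSET = "<unset>"               # unset attributes carry no secret
FIXED_MASK = "********"          # constructed mask used by redact()


def find_exposed_passwords(lines):
    """Return (line_number, key) for each password attribute logged in clear.

    The value itself is never returned, so the report can be shared.
    """
    findings = []
    for number, line in enumerate(lines, start=1):
        for key, value in _FIELD.findall(line):
            if value == _UNSET or _MASKED.match(value):
                continue
            findings.append((number, key))
    return findings


def redact(line):
    """Replace clear-text password values in one trace line with FIXED_MASK."""
    def _mask(match):
        if match.group(2) == _UNSET:
            return match.group(0)
        return "%s: %s" % (match.group(1), FIXED_MASK)
    return _FIELD.sub(_mask, line)


# Constructed sample in the shape of the trace excerpt; not real log data.
SAMPLE_TRACE = [
    "DocAccessor   < lookup LDAPUserRegistryImpl@1 (serverId: uid=example,",
    "  serverPassword: examplepw1, realm: ldap.example.com:389,",
    "  bindPassword: ********, searchTimeout: 120,",
    "  bindPassword: <unset>, reuseConnection: false)",
]

if __name__ == "__main__":
    for number, key in find_exposed_passwords(SAMPLE_TRACE):
        print("line %d: %s logged in clear text" % (number, key))
    for line in SAMPLE_TRACE:
        print(redact(line))
```

redact() masks only up to the first comma, parenthesis or space, so a password containing those characters is still flagged by find_exposed_passwords() but only partly masked; any password found in a log should be changed.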
Temporary fix
Trial fix created 28-Apr-05 and being tested.
Comments
APAR information
APAR number PK04255
Reported component name WAS ENTERPRISE
Reported component ID 5630A3700
Reported release 00W
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2005-04-14
Closed date 2005-06-07
Last modified date 2005-06-07

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
WCCMBASE          

Publications Referenced

Fix information
Fixed component name WAS ENTERPRISE
Fixed component ID 5630A3700

Applicable component levels
R003 PSY    UP
R00A PSY    UP
R00H PSY    UP
R00I PSY    UP
R00S PSY    UP
R00W PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Enterprise Edition (EE)
Operating system(s):
Software version: 00W
Software edition:
Reference #: PK04255
IBM Group: Software Group
Modified date: Jun 7, 2005