PQ56022: DATASOURCE PASSWORDS ARE NOT ENCRYPTED IN WSCP OUTPUT.

 A fix is available

System Management Component Cumulative Fix for 4.0.2/4.0.3/4.0.4 /4.0.5



APAR status
Closed as program error.

Error description
Problem Summary: DataSource passwords are encrypted in the
Administrative console and in XMLConfig exported XML files.
However in wscp you can view the DataSource password in clear
text.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All users of WebSphere Application Server    *
*                 4.0 who use wscp to display datasource       *
*                 objects.                                     *
****************************************************************
* PROBLEM DESCRIPTION: When displaying datasource objects with *
*                      wscp, passwords are displayed in clear  *
*                      text.                                   *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Wscp displays password attributes in clear text, which can be
a security exposure.
Problem conclusion
wscp code is changed to display "****" instead of the actual
password when objects with password attributes are displayed.
wscp input is unchanged.
Temporary fix
I have place a test fix out on wasdoc0/apars/PQ56022/4.0.1.
Please let me know of any feedback.
Comments
APAR information
APAR number PQ56022
Reported component name WEBSPHERE AE SO
Reported component ID 5630A2202
Reported release 400
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2001-12-18
Closed date 2002-01-09
Last modified date 2002-01-09

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
WSCP          

SRLS

Fix information
Fixed component name WEBSPHERE AE SO
Fixed component ID 5630A2202

Applicable component levels
R400 PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ56022
IBM Group: Software Group
Modified date: Jan 9, 2002