PQ56022: DATASOURCE PASSWORDS ARE NOT ENCRYPTED IN WSCP OUTPUT. | |||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description Problem Summary: DataSource passwords are encrypted in the Administrative console and in XMLConfig exported XML files. However in wscp you can view the DataSource password in clear text.Local fix Problem summary **************************************************************** * USERS AFFECTED: All users of WebSphere Application Server * * 4.0 who use wscp to display datasource * * objects. * **************************************************************** * PROBLEM DESCRIPTION: When displaying datasource objects with * * wscp, passwords are displayed in clear * * text. * **************************************************************** * RECOMMENDATION: * **************************************************************** Wscp displays password attributes in clear text, which can be a security exposure.Problem conclusion wscp code is changed to display "****" instead of the actual password when objects with password attributes are displayed. wscp input is unchanged.Temporary fix I have place a test fix out on wasdoc0/apars/PQ56022/4.0.1. Please let me know of any feedback.Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
SRLS
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ56022
IBM Group: Software Group
Modified date: Jan 9, 2002
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.