How to hide passwords and account information in WLST scripts (WebLogic Server)

If you are worried about your password showing up in clear text in the startup scripts, you can use the storeUserConfig command to generate encrypted userconfigFile and a userKeyFile that you can then use in the „nmConnect“ and „connect“ command.

Place there two files on the protected place and decide to set right permissions

Create storeUserConfig for the Node Manager

Start wlst via the shell script $ORACLE_HOME/oracle_common/common/bin/wlst.sh:

/u01/app/oracle/product/FMW/Oracle_Home/oracle_common/common/bin/wlst.sh

Connect to Node Manager (important note: the Node Manager must be running!):

nmConnect('nodemgr','welcome1','host03.example.com','5556','forms_domain','/u01/app/oracle/user_projects/domains/forms_domain')

Connect to the Admin Server (important note: the Admin Server must be running):

connect('weblogic','welcome1','t3://host03.example.com')

Store the login information of the Node Manager Administrator.

In this example we will create two files to store the logon information of Node Manager Administrator:

wlst> storeUserConfig('/u01/app/oracle/user_projects/domains/forms_domain/userNMConfigFile','/u01/app/oracle/user_projects/domains/forms_domain/userNMKeyFile',nm='true')

Now you are able to use store files instead of username and password in the nmConnect command:

nmConnect(userConfigFile='/u01/app/oracle/user_projects/domains/forms_domain/userNMConfigFile',userKeyFile='/u01/app/oracle/user_projects/domains/forms_domain/userNMKeyFile',host='host03.example.com',port='5556',domainName='forms_domain',domainDir='/u01/app/oracle/user_projects/domains/forms_domain')

Create storeUserConfig for the weblogic Administrator

Create userconfigFile and a userKeyFile that you can then use in the „connect“ command:

Start wlst via the shell script $ORACLE_HOME/oracle_common/common/bin/wlst.sh:

/u01/app/oracle/product/FMW/Oracle_Home/oracle_common/common/bin/wlst.sh

Connect to the Admin Server (important note: the Admin Server must be running):

connect('weblogic','welcome1','t3://host03.example.com')

Store the Password of the WebLogic User in the Store File:

wlst> storeUserConfig('/u01/app/oracle/user_projects/domains/forms_domain/userWLSConfigFile','/u01/app/oracle/user_projects/domains/forms_domain/userWLSKeyFile',nm='false')

Now you are able to use store files instead of username and password in the connect command:

connect(userConfigFile='/u01/app/oracle/user_projects/domains/forms_domain/userWLSConfigFile',userKeyFile='/u01/app/oracle/user_projects/domains/forms_domain/userWLSKeyFileadm',url='t3://host03.example.com:7001')

Script Examples

Example 1: Start Admin Server via WLST without Node Manager:

connect(userConfigFile='/u01/app/oracle/user_projects/domains/forms_domain/userWLSConfigFile',userKeyFile='/u01/app/oracle/user_projects/domains/forms_domain/userWLSKeyFile',url='t3://host03.example.com:7001')
startServer('AdminServer')

Example 2: Start Admin Server via WLST and Node Manager:

nmConnect(userConfigFile='/u01/app/oracle/user_projects/domains/forms_domain/userNMConfigFile',userKeyFile='/u01/app/oracle/user_projects/domains/forms_domain/userNMKeyFile',host='host03.example.com',port='5556',domainName='forms_domain',domainDir='/u01/app/oracle/user_projects/domains/forms_domain')
nmStart ('AdminServer')

Autor: Neselovskyi, Borys

Borys Neselovskyi has more than 20 years of experience in the IT sector, especially in the Oracle environment. His area of responsibility includes the conception and implementation of infrastructure solutions based on Oracle Database/Middleware/Engineered Systems/Virtualization. His focus is on high availability, security, performance tuning, consolidation and migration of complex environments, virtualization (P2V) as well as the conception and implementation of Oracle Engineered Systems. Borys is very familiar with cloud technology. With great commitment he shares his cloud know-how with the community. For many years, he has been sharing his skills through several channels: e.g. social media, his IT-related blogs, discussion forums, white papers and numerous articles. He is also a regular speaker at conferences, meetings, panels, etc. Borys is responsible for the middleware stream at DOAG and was awarded Oracle ACE. Since August 2020 Borys works as Senior Sales Engineer at EnterpriseDB and takes care of customers who are using Postgres database.

3 Kommentare zu „How to hide passwords and account information in WLST scripts (WebLogic Server)“

  2. Pingback: WebLogic & Developer Partner Community Newsletter April 2017 | WebLogic Community
  3. Pingback: How to hide passwords and account information in WLST scripts (WebLogic Server) by Neselovskyi, Borys | WebLogic Community

Hinterlasse einen Kommentar

Diese Seite verwendet Akismet, um Spam zu reduzieren. Erfahre, wie deine Kommentardaten verarbeitet werden..

Marco's DBA Blog

jee's blog

Lets learn, implement, fix and optimize!

Pickleball spielen

002 - License to dink

All about modern software technologies & architectures

Cloud-native, technology and software architecture

Practical experience on Oracle products

by Borys Neselovskyi

The Big Bang Tech

Developer Community

by Jürgen Kress

Holgers Weblog - Oracle Forms, APEX, Docker and beyond

by Borys Neselovskyi

Stefan's Blog

Oracle: "eine unendliche Geschichte" / "the never-ending story"

Jan-Peter's Weblog

Oracle Datenbanken und Applikation Server

hias222

Tips and Tricks about Oracle Core Technologies

Oracle Blogs | Oracle Blogs

by Borys Neselovskyi

orcladmin

by Borys Neselovskyi

Inside BPM and SOA

by Borys Neselovskyi

SOA, EDA, BPEL, BAM, Mobile - The Blog

by Borys Neselovskyi

Talk2Gerd

by Borys Neselovskyi

The Cattle Crew Blog

All about Digital Transformation, BI & Big Data, Cloud & Infrastructure, Software Development, BPM & Integration. Powered by OPITZ CONSULTING Deutschland GmbH.

Mohammad Esad-Djou's Blog

A multilingual site about IT-Solutions and Oracle Fusion Middleware

Oraculix

Datenbanken, Linux, Cloud u.v.m.

PaaS Community Blog

by Jürgen Kress