Groups > Weblogic > WebLogic Webserver > Clear text value not allowed for credentials in config.xml




Clear text value not allowed for credentials in config.xml

Clear text value not allowed for credentials in config.xml
Thu, 6 Dec 2007 12:00:33 -0800 
I am in the process of migrating our J2EE application from Weblogic 8.1 to
Weblogic 10 MP1 and have converted config.xml to the new schema.  When starting
up in production mode,  I see the following error which causes the server to
shutdown:

<Server failed. Reason: [Management:141266]Parsing Failure in config.xml:
java.lang.IllegalArgumentException: In production mode, it's not allowed to set
a clear text value to the property: CredentialEncrypted of
SecurityConfigurationMBean>

In 8.1 it seems that it would fill in the credentials based on the username and
password in boot.properties so it was possible for our installation program to
leave these entries blank.  However, when starting in 10.0 it doesn't do this. 
Below is an excerpt from config.xml.

  <security-configuration>
    <name>xyz</name>
    <realm>
      <sec:authentication-provider
xsi:type="wls:default-authenticatorType"></sec:authentication-pr
ovider>
      <sec:authentication-provider
xsi:type="wls:default-identity-asserterType">
        <sec:active-type>AuthenticatedUser</sec:active-type>
      </sec:authentication-provider>
      <sec:role-mapper
xsi:type="wls:default-role-mapperType"></sec:role-mapper>
      <sec:authorizer
xsi:type="wls:default-authorizerType"></sec:authorizer>
      <sec:adjudicator
xsi:type="wls:default-adjudicatorType"></sec:adjudicator>
      <sec:credential-mapper
xsi:type="wls:default-credential-mapperType"></sec:credential-ma
pper>
      <sec:cert-path-provider
xsi:type="wls:web-logic-cert-path-providerType"></sec:cert-path-
provider>
     
<sec:cert-path-builder>WebLogicCertPathProvider</sec:cert-path-builder&
gt;
      <sec:user-lockout-manager></sec:user-lockout-manager>
      <sec:security-dd-model>Advanced</sec:security-dd-model>
     
<sec:combined-role-mapping-enabled>false</sec:combined-role-mapping-ena
bled>
      <sec:name>myrealm</sec:name>
    </realm>
    <default-realm>myrealm</default-realm>
    <credential-encrypted></credential-encrypted>
   
<web-app-files-case-insensitive>os</web-app-files-case-insensitive>
   
<compatibility-connection-filters-enabled>true</compatibility-connectio
n-filters-enabled>
    <enforce-strict-url-pattern>false</enforce-strict-url-pattern>
  </security-configuration>

Is anyone else trying to do this?
Post Reply
about | contact