Each ALUI component requires Database information (host, schema, user, password, etc…) in order to interact with their respective Database.
When DBAs change the password of a database user (in some companies, it can actually happen pretty often) that is used by an Aqualogic User Interaction component, a similar “password change” procedure has to be done for each the concerned components’ configuration files.
If that was just it, that could be easy...but thanks to security, every passwords in the ALUI configuration files are encrypted...and thus, you need to encrypt the password too. But how do you encrypt those passwords? Where is the encryption utility?
ALUI provides several encryption mechanisms that you can apply to each component. I will try to walk you through what I call the encryption maze so that changing ALUI passwords becomes a breeze. (Note: files *.bat or *.cmd exist also in the unix/linux world...extension sh)
ALI Portal
DB Configuration File(s) path :
<PORTAL_HOME>\settings\common\serverconfig.xml
Encryption Utility path:
- <PORTAL_HOME>\ptportal\<VERSION>\bin\ptconfig.exe (this utility will change the password directly in the serverconfig.xml file, OR
- <PORTAL_HOME>\ptportal\<VERSION>\bin\cryptoutil.bat (must be executed in a shell or dos prompt -- provides the encrypted version of the text provided)
ALI publisher / Workflow
DB Configuration File(s) path:
- <PORTAL_HOME>\ptcs\<VERSION>\settings\config\database.content.properties (publisher DB connection)
- <PORTAL_HOME>\ptcs\<VERSION>\settings\config\database.portal.properties (portal DB connection)
- <PORTAL_HOME>\ptworkflow\<VERSION>\settings\config\application.conf (workflow DB connection)
Encryption Utility path:
<PORTAL_HOME>\ptcs\<VERSION>\bin\native\pcsencrypt.cmd
Note: You can use that same utility to encrypt the publisher basic authentication user password too.
ALI Collaboration
DB Configuration File(s) path:
- <PORTAL_HOME>\ptcollab\<VERSION>\settings\config\database.xml (collaboration DB connection)
- <PORTAL_HOME>\ptnotification\<VERSION>\settings\config\database.xml (notification DB connection)
Encryption Utility path:
<PORTAL_HOME>\ptcollab\<VERSION>\bin\passwordChanger.bat
The utility passwordChanger.bat will change the password in both config file and database directly. This is very useful indeed, but what if the DBA only can change the password, or what if he already did change it...What now? Well another solution is available to you...you can use another encryption utility that works (weirdly): The publisher encryption utility <PORTAL_HOME>\ptcs\<VERSION>\bin\native\pcsencrypt.cmd
Note: You can use that same utility to encrypt the collaboration basic authentication user password too.
Studio
DB Configuration File(s) path:
- <PORTAL_HOME>\ptstudio\<VERSION>\settings\config\PTStudioConfig.xml (studio and portal DB connections)
Encryption Utility path: No encryption utility is provided in the studio directory, so believe it or not...you guessed it...again the publisher encryption utility can be used for both studio and portal DB passwords.
<PORTAL_HOME>\ptcs\<VERSION>\bin\native\pcsencrypt.cmd
Analytics
- <PORTAL_HOME>\ptanalytics\<VERSION>\settings\config\security\securityservice-config.xml (portal DB connection)
- <PORTAL_HOME>\ptanalytics\<VERSION>\settings\config\hibernate.properties (analytics DB connection)
- <PORTAL_HOME>\ptanalytics\<VERSION>\settings\config\configurator.properties (analytics, portal, collaboration and publisher DB connections)
- <PORTAL_HOME>\ptanalytics\<VERSION>\settings\config\jobs.properties (portal, collaboration and publisher DB connections)
Encryption Utility path: Analytics provide a web configuration interface for changing DB connections and passwords in all the configuration files. But if you need to do it yourself without this web interface, again a solution exist: this time use the ... portal encryption for all the passwords!!
<PORTAL_HOME>\ptportal\<VERSION>\bin\cryptoutil.bat
That's all I got for now! Hope this helps to navigate in ALUI Password encryption hell! :)
thanks! you're a lifesaver :) I've been trying to figure out this combination for some time...
ReplyDelete