Thursday, June 5, 2014

Datasource/Admin Password Decryption in Weblogic


Original Source: http://techtapas.blogspot.com/2011/05/how-to-decrypt-weblogic-passwords-with.html




How to decrypt WebLogic passwords with WLST

Sooner or later you will find yourself in a situation where you do not remember one of the WebLogic Server passwords stored in the configuration files.

Some examples are:
a) The WebLogic Server administrator credentials (username and password), stored in the files config.xml and boot.properties
b) The Node Manager password, also stored in the config.xml file (if you still have the default password, don’t wait, change it now!!)
c) The database password used by the JDBC Data Sources, stored in the file [DOMAIN_HOME]/config/jdbc/[datasource_name].xml

So, here is how to decrypt this data in 3 easy steps. Just follow this techtapa recipe:

Ingredients:
- 1 WLST script
- The path of the WebLogic Server domain
- The encrypted field, for example, username and password from boot.properties

Preparation:
1. Copy this WLST script (you can also download it here).


import os
import sys
import weblogic.security.internal.SerializedSystemIni
import weblogic.security.internal.encryption.ClearOrEncryptedService

def decrypt(domainHomeName, encryptedPwd):
    # Load the domain's encryption service from the given domain home
    domainHomeAbsolutePath = os.path.abspath(domainHomeName)
    encryptionService = weblogic.security.internal.SerializedSystemIni.getEncryptionService(domainHomeAbsolutePath)
    ces = weblogic.security.internal.encryption.ClearOrEncryptedService(encryptionService)
    # Decrypt the value and print the clear text
    clear = ces.decrypt(encryptedPwd)
    print "RESULT:" + clear

try:
    # Expect exactly two arguments: DOMAIN_HOME and the encrypted string
    if len(sys.argv) == 3:
        decrypt(sys.argv[1], sys.argv[2])
    else:
        print "INVALID ARGUMENTS"
        print " Usage: java weblogic.WLST decryptPassword.py DOMAIN_HOME ENCRYPTED_PASSWORD"
        print " Example:"
        print " java weblogic.WLST decryptPassword.py D:/Oracle/Middleware/user_projects/domains/base_domain {AES}819R5h3JUS9fAcPmF58p9Wb3syTJxFl0t8NInD/ykkE="
except:
    print "Unexpected error: ", sys.exc_info()[0]
    dumpStack()
    raise

2. Set your environment (CLASSPATH, PATH, ...). Open a console, go to [FMW_HOME]/wlserver_10.3/server/bin/ and run the script setWLSEnv.sh:
$ . ./setWLSEnv.sh

3. Run the script. Go to the path where you copied the WLST script (decryptPassword.py) and run it. You must provide two arguments: the full path of the WebLogic Server domain home and the string you want to decrypt, for example:

$ java weblogic.WLST decryptPassword.py /opt/oracle/Middleware/user_projects/domains/base_domain {AES}LU5dLPP0PliNb5Ml1Fo7rD2AbNFwLcyLtYUEDTb+8zY\=
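
The recipe works for any account that can read both the domain's key file and a file holding {AES} values, so file permissions on the domain home are the control that matters. The following is an added example, not part of the original post and written for plain Python 3 rather than WLST, that audits a domain home for that exposure. It assumes POSIX permission bits and the standard domain layout, with the key file at security/SerializedSystemIni.dat and boot.properties under servers/[server_name]/security/.

```python
import glob
import os
import re
import stat
import sys

# Domain key file plus the files the article lists as holding encrypted
# credentials (assumption: standard domain directory layout).
PATTERNS = [
    "security/SerializedSystemIni.dat",
    "config/config.xml",
    "config/jdbc/*.xml",
    "servers/*/security/boot.properties",
]
ENCRYPTED = re.compile(rb"\{(?:AES|3DES)\}[A-Za-z0-9+/=\\]+")


def audit_domain(domain_home):
    """Return one finding per sensitive file: path, mode, count, exposure."""
    findings = []
    for pattern in PATTERNS:
        for path in sorted(glob.glob(os.path.join(domain_home, pattern))):
            mode = stat.S_IMODE(os.stat(path).st_mode)
            with open(path, "rb") as handle:
                count = len(ENCRYPTED.findall(handle.read()))
            findings.append({
                "path": os.path.relpath(path, domain_home),
                "mode": "%04o" % mode,
                "encrypted_values": count,
                # Any group/other bit lets accounts besides the owner in.
                "exposed": bool(mode & 0o077),
            })
    return findings


def key_and_ciphertext_exposed(findings):
    """True when the key file and a file with encrypted values are both exposed."""
    key = any(f["exposed"] for f in findings
              if f["path"].endswith("SerializedSystemIni.dat"))
    data = any(f["exposed"] and f["encrypted_values"] for f in findings)
    return key and data


if __name__ == "__main__":
    domain = sys.argv[1] if len(sys.argv) > 1 else "."
    results = audit_domain(domain)
    for f in results:
        print("%-7s %s %s encrypted=%d" % ("EXPOSED" if f["exposed"] else "ok", f["mode"], f["path"], f["encrypted_values"]))
    sys.exit(1 if key_and_ciphertext_exposed(results) else 0)
```

Run it as the WebLogic owner with the domain home as the only argument; exit status 1 means both the key file and at least one file with encrypted values are accessible to group or other accounts.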
