Question
I was wondering what is the default implementation of JAAS in Websphere ?
For example: In Websphere, when you create a JAAS credential for a DataSource, where is the credential stored ? I mean what kind of store it uses ie: RDBMS, LDAP, Plain text file ... etc. So there must be some kind of store to which JAAS api must be connecting to in order to retrieve a DataSource's credentials when needed for authentication in the apps.
Not sure if I should use the word implementation here.
Regards,
Solution 2
"Implementation" is the correct word.
WebSphere stores its entire configuration in a set of XML files (such as server.xml, resources.xml and so on) inside the profile directory. JAAS entries are stored there as well (with passwords encrypted of course).
OTHER TIPS
All you need to know about WebSphere Passwords is in this Infocenter Note.
In a word, WebSphere encodes passwords and store the encoded value in some XML file. The application server includes an encoder, but the decoder is on you. This encoding is not considered an appropriate password protection technique and there are several ways to hack this.
JAAS encoded password are stored here:
https://stackoverflow.com/questions/16094997
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianprofile_root/config/cells/cell_name/security.xml
The full list of credentials and related XML files is listed in the first link of this answer.
