1

Is there a way to recover the password for a jdbc datasource, which I used in a Weblogic Application server? I could change it, but since I'm not entirely sure, where we use the database, that would be rather complicated.

I have full administrative rights for the server, so if I have to look something up, in config files etc that would be ok.

dertoni
  • 335
  • 1
  • 6
  • 12

3 Answers3

3

I've used this with lots of success:

http://recover-weblogic-password.appspot.com/

Or you can do it locally - Instructions Taken from Here or Code can be found here:

/$BEA_HOME/wlserver_10.3/common/bin/wlst.sh decryptPassword.py /full/path/to/weblogic-domain/ "{3DES}s0meCr4zyH4$hedV4lue="
edwardsmatt
  • 156
  • 4
1

In weblogic config files, like config.xml or *-datasource.xml in newer versions, passwords will be encrypted.

<password-encrypted>{3DES}oxUmxhBtdfe0h+0000oWHrl18jw==</password-encrypted>

If your application code has some internal config in files like applicationContext.xml for Spring, you might be lucky with something of this sort

<bean id="myDataSource"
  class="org.apache.commons.dbcp.BasicDataSource">

  <property name="driverClassName" value="oracle.jdbc.driver.OracleDriver" />

  <property name="url" value="jdbc:oracle:thin:@x.x.x.x:1522:portaldb" />

  <property name="username" value="myUser" />

  <property name="password" value="myPassword" />
JoseK
  • 465
  • 6
  • 13
  • what do they use as a password? is it some randomly generated word or is it configured somewhere? – dertoni Dec 03 '10 at 12:36
  • it is configured via the Weblogic Console - which then gets encrypted into config.xml by the server. It is the same password as that used for that user in the *database*. So you can try to change both, at Weblogic and in your database for that user (the DB user in this case). – JoseK Dec 03 '10 at 12:49
  • See this link:http://download.oracle.com/docs/cd/E14571_01/apirefs.1111/e13952/taskhelp/jdbc/jdbc_datasources/CreateDataSources.html Edit the "Connection Properties" as shown in this page – JoseK Dec 03 '10 at 12:55
1

this is the java version:

import weblogic.security.internal.SerializedSystemIni;
import weblogic.security.internal.encryption.ClearOrEncryptedService;
import weblogic.security.internal.encryption.EncryptionService;


public class WeblogicDecrypt{

    public static void main(String[] args){
        String pass = "{3DES}**********";
        EncryptionService service= SerializedSystemIni.getEncryptionService("c:\\yourDomain\\");
        ClearOrEncryptedService clear = new ClearOrEncryptedService(service);
        String psw = clear.decrypt(pass);
        System.out.println("password:" + psw);
    }

}

jars needed can be found in weblogic server lib folder

Ilario M.
  • 11
  • 1