PM33222: THE CUSTOM PROPERTY CONTAINING THE PASSWORD IS NOT DECRYPTED AT RUNTIME WHEN POPULATING THE RESOURCE ADAPTER INSTANCE.

Fixes are available

APAR status

Closed as program error.

Error description

The custom property containing the password is declared in the
<resourceadapter> element of the resource adapter descriptor.
It is a property of the resource adapter JavaBean class -- a
class that must be instantiated and populated with the property
values when the resource adapter is started.  The property value
is encrypted in the resource configuration, but is not decrypted
at runtime when populating the resource adapter instance.  The
adapter instance is populated with an encrypted property value.

<resourceProperties
xmi:id="J2EEResourceProperty_1298040084197"
name="aaaPassword" type="java.lang.String"
value="{xor}Oz4pOiU=" description="aaaPassword"
required="false"/>

And the offending code path is in
com.ibm.ejs.j2c.RAWrapperImpl.createAndConfigureRA().

Passing the encrypted password to the backend application makes
the application to fail.

Local fix

```
Fix in next release
```

Problem summary

****************************************************************
* USERS AFFECTED:  All users of IBM WebSphere Application      *
*                  Server V7.0                                 *
****************************************************************
* PROBLEM DESCRIPTION: Password declared as part of custom     *
*                      property of Resource Adapter is not     *
*                      decoded when sending it to Backend.     *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
The encrypted password is sent to a backend application,
prompting a failure. In application logs, the encoded password
is still used.

The password field should be picked up and the value should be
decoded as part of populating the ResourceAdapter Instance.

Problem conclusion

The value is now decoded as part of part of populating the
Adapter instance so that the decrypted password is sent to
backend application.

The fix for this APAR is currently targeted for inclusion in
fix pack 7.0.0.19  Please refer to the Recommended Updates
page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Temporary fix

Comments

APAR Information

APAR number
PM33222
Reported component name
WEBS APP SERV N
Reported component ID
5724H8800
Reported release
700
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2011-02-21
Closed date
2011-05-20
Last modified date
2011-05-20

APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name
WEBS APP SERV N
Fixed component ID
5724H8800

Applicable component levels

R700 PSY
UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
27 October 2021

Tips

PM33222: THE CUSTOM PROPERTY CONTAINING THE PASSWORD IS NOT DECRYPTED AT RUNTIME WHEN POPULATING THE RESOURCE ADAPTER INSTANCE.

Fixes are available

Subscribe

APAR status

Closed as program error.

Error description

Local fix

Problem summary

Problem conclusion

Temporary fix

Comments

APAR Information

APAR number

Reported component name

Reported component ID

Reported release

Status

PE

HIPER

Special Attention

Submitted date

Closed date

Last modified date

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name

Fixed component ID

Applicable component levels

R700 PSY

Document Information

Share your feedback

Need support?