Today I have installed weblogic server and tried to start after installation.But it didn't start and threw below error
weblogic.security.SecurityInitializationException: Authentication for user weblogic denied.
I have given the same password(YXXGEDIUJLIKEBC1) which I had given during installation. Now situation became bit tricky. I had a dilemma whether to reinstall or not. Then I started to debug like below.
Below are the steps to decrypt weblogic password.
Save below code in /tmp/decrypt.py
import os
import weblogic.security.internal.SerializedSystemIni
import weblogic.security.internal.encryption.ClearOrEncryptedService
def decrypt(agileDomain, encryptedPassword):
agileDomainPath = os.path.abspath(agileDomain)
encryptSrv = weblogic.security.internal.SerializedSystemIni.getEncryptionService(agileDomainPath)
ces = weblogic.security.internal.encryption.ClearOrEncryptedService(encryptSrv)
password = ces.decrypt(encryptedPassword)
print "Plaintext password is:" + password
try:
if len(sys.argv) == 3:
decrypt(sys.argv[1], sys.argv[2])
else:
print "Please input arguments as below"
print " Usage 1: java weblogic.WLST decryptWLSPwd.py "
print " Usage 2: decryptWLSPwd.cmd "
print "Example:"
print " java weblogic.WLST decryptWLSPwd.py C:\Agile\Agile933\agileDomain {AES}JhaKwt4vUoZ0Pz2gWTvMBx1laJXcYfFlMtlBIiOVmAs="
print " decryptWLSPwd.cmd {AES}JhaKwt4vUoZ0Pz2gWTvMBx1laJXcYfFlMtlBIiOVmAs="
except:
print "Exception: ", sys.exc_info()[0]
dumpStack()
raise
Get the encrypted password for weblogic. since it is a fresh installation,we don't have boot.properties files.To search encrypted password,grep like below
cd $DOMAIN_HOME
grep -R "{AES}" *
so we need to get it from below locaiton.
Weblogic password: $DOMAIN_HOME/init-info/security.xml
init-info/security.xml: <user name="weblogic" password="{AES}418Va/Twg/g5sc0ycaV+isOtn3sm1yukOS6MfLS4ynltAsRSE6UcRWwtBn42EZLB" description="This user is the default administrator." isAdmin="true">
Node Manager password : $DOMAIN_HOME/init-info/config-nodemanager.xml
<nod:password>{AES}g3OWmrfYmB4CREgL8WATHkeF8dHZKkDzbCBEmojBipvPrS+77r3otrjlMk0EsLiE</nod:password>
cd $DOMAIN_HOME
/as12c/jaytrn/product/middleware/12.1.3/user_projects/domains/CustAppDom
. /as12c/jaytrn/product/middleware/12.1.3/user_projects/domains/CustAppDom/bin/setDomainEnv.sh
/as12c/jaytrn/product/middleware/12.1.3/user_projects/domains/CustAppDom
Script usage : java weblogic.WLST /tmp/decrypt.py $DOMAIN_HOME <ENCRYPTED_PWD>
output:
jay::raapjay1trn1> java weblogic.WLST /tmp/decrypt.py . {AES}418Va/Twg/g5sc0ycaV+isOtn3sm1yukOS6MfLS4ynltAsRSE6UcRWwtBn42EZLB
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
Plaintext password is:????????????????
Strange,I have given characters,but it shows questionmarks above.But it worked ,Now I am able to start weblogic with the password ????????????????
We will try to decrypt nodemanger password as well
/as12c/jaytrn/product/middleware/12.1.3/user_projects/domains/CustAppDom
jay::raapjay1trn1> java weblogic.WLST /tmp/decrypt.py . {AES}g3OWmrfYmB4CREgL8WATHkeF8dHZKkDzbCBEmojBipvPrS+88r3otrjiMk0EsYiE
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
Plaintext password is: YZZGEDIUJLIKEBC1
b) Access the Admin server console with the URL https://<machine.domain>:<port>/console
C) Login to Admin server console as user weblogic and provide its password.
d) Navigate to Security Realms->myrealm->Users and Groups->choose weblogic->Passwords
e) Provide the new password and save it.
f) Navigate to Security Realms->myrealm->Users and Groups->choose OracleSystemUser->Passwords
Provide same password as for the weblogic user and save it.
g) Navigate to Security Realms->myrealm->Users and Groups->choose weblogic_mntr->Passwords
Provide same password as for the weblogic user and save it.
h) Click on 'Activate Changes' in the left panel.
i) Modify boot.properties file also (since it is fresh installation,I didn't setup boot.properties file)
j) Restart weblogic server
weblogic.security.SecurityInitializationException: Authentication for user weblogic denied.
I have given the same password(YXXGEDIUJLIKEBC1) which I had given during installation. Now situation became bit tricky. I had a dilemma whether to reinstall or not. Then I started to debug like below.
Decrypt weblogic password from config files & proceed with the configuration.
Below are the steps to decrypt weblogic password.
Save below code in /tmp/decrypt.py
import os
import weblogic.security.internal.SerializedSystemIni
import weblogic.security.internal.encryption.ClearOrEncryptedService
def decrypt(agileDomain, encryptedPassword):
agileDomainPath = os.path.abspath(agileDomain)
encryptSrv = weblogic.security.internal.SerializedSystemIni.getEncryptionService(agileDomainPath)
ces = weblogic.security.internal.encryption.ClearOrEncryptedService(encryptSrv)
password = ces.decrypt(encryptedPassword)
print "Plaintext password is:" + password
try:
if len(sys.argv) == 3:
decrypt(sys.argv[1], sys.argv[2])
else:
print "Please input arguments as below"
print " Usage 1: java weblogic.WLST decryptWLSPwd.py "
print " Usage 2: decryptWLSPwd.cmd "
print "Example:"
print " java weblogic.WLST decryptWLSPwd.py C:\Agile\Agile933\agileDomain {AES}JhaKwt4vUoZ0Pz2gWTvMBx1laJXcYfFlMtlBIiOVmAs="
print " decryptWLSPwd.cmd {AES}JhaKwt4vUoZ0Pz2gWTvMBx1laJXcYfFlMtlBIiOVmAs="
except:
print "Exception: ", sys.exc_info()[0]
dumpStack()
raise
Get the encrypted password for weblogic. since it is a fresh installation,we don't have boot.properties files.To search encrypted password,grep like below
cd $DOMAIN_HOME
grep -R "{AES}" *
so we need to get it from below locaiton.
Weblogic password: $DOMAIN_HOME/init-info/security.xml
init-info/security.xml: <user name="weblogic" password="{AES}418Va/Twg/g5sc0ycaV+isOtn3sm1yukOS6MfLS4ynltAsRSE6UcRWwtBn42EZLB" description="This user is the default administrator." isAdmin="true">
Node Manager password : $DOMAIN_HOME/init-info/config-nodemanager.xml
<nod:password>{AES}g3OWmrfYmB4CREgL8WATHkeF8dHZKkDzbCBEmojBipvPrS+77r3otrjlMk0EsLiE</nod:password>
cd $DOMAIN_HOME
/as12c/jaytrn/product/middleware/12.1.3/user_projects/domains/CustAppDom
. /as12c/jaytrn/product/middleware/12.1.3/user_projects/domains/CustAppDom/bin/setDomainEnv.sh
/as12c/jaytrn/product/middleware/12.1.3/user_projects/domains/CustAppDom
Script usage : java weblogic.WLST /tmp/decrypt.py $DOMAIN_HOME <ENCRYPTED_PWD>
output:
jay::raapjay1trn1> java weblogic.WLST /tmp/decrypt.py . {AES}418Va/Twg/g5sc0ycaV+isOtn3sm1yukOS6MfLS4ynltAsRSE6UcRWwtBn42EZLB
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
Plaintext password is:????????????????
Strange,I have given characters,but it shows questionmarks above.But it worked ,Now I am able to start weblogic with the password ????????????????
We will try to decrypt nodemanger password as well
/as12c/jaytrn/product/middleware/12.1.3/user_projects/domains/CustAppDom
jay::raapjay1trn1> java weblogic.WLST /tmp/decrypt.py . {AES}g3OWmrfYmB4CREgL8WATHkeF8dHZKkDzbCBEmojBipvPrS+88r3otrjiMk0EsYiE
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
Plaintext password is: YZZGEDIUJLIKEBC1
Change Weblogic password from ???????????????? to YXXGEDIUJLIKEBC1:
a) Start Webloigc with password ???????????????? and login to consoleb) Access the Admin server console with the URL https://<machine.domain>:<port>/console
C) Login to Admin server console as user weblogic and provide its password.
d) Navigate to Security Realms->myrealm->Users and Groups->choose weblogic->Passwords
e) Provide the new password and save it.
f) Navigate to Security Realms->myrealm->Users and Groups->choose OracleSystemUser->Passwords
Provide same password as for the weblogic user and save it.
g) Navigate to Security Realms->myrealm->Users and Groups->choose weblogic_mntr->Passwords
Provide same password as for the weblogic user and save it.
h) Click on 'Activate Changes' in the left panel.
i) Modify boot.properties file also (since it is fresh installation,I didn't setup boot.properties file)
j) Restart weblogic server
No comments:
Post a Comment