| Bookshelf Home | Contents | Index | PDF | |
|
Siebel Security Guide > Changing and Managing Passwords > Encrypted Passwords in the eapps.cfg FileThe RC2 algorithm encrypts passwords stored in the eapps.cfg file with a 56-bit encryption key. Passwords are written to the file in encrypted form when you configure the SWSE. (Optionally, you can turn off encryption and use clear-text passwords in this file.) Values for the following parameters are subject to encryption in the eapps.cfg file:
After you initially configure the SWSE, encryption behavior is subject to the status of the EncryptedPassword parameter. This parameter is added to the eapps.cfg file, with a value of The status of the EncryptedPassword parameter and the encryption status of the passwords themselves must match. That is, if the parameter is NOTE: If the EncryptedPassword parameter does not exist in the eapps.cfg file, then the default behavior is the same as if EncryptedPassword is set to FALSE. It is recommended that you set the value of the EncryptedPassword parameter to TRUE. When an anonymous user password is used (during application login or anonymous browsing sessions), the encrypted password is decrypted and compared to the value stored for the database account (specified using the AnonUserName parameter). The account and password are created using the standard Siebel database scripts, and must already exist in the Siebel database when you configure the SWSE. If you change the password for this account after setting up your system, then you must update the password stored in the eapps.cfg file. For information about updating encrypted passwords, see Encrypting Passwords Using the encryptstring Utility. |
 |
|
| Siebel Security Guide | Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices. | |