There are multiple ways to administer passwords. You can rely on administrators to keep passwords secret and change the passwords regularly. You can set up files for storing passwords so that asadmin subcommands can access these files rather than having users type the commands. You can encrypt passwords by setting up aliases so that sensitive passwords are not visible in the domain.xml file.
The master password gives access to the crypto store used with the domain, be that an NSS cert8.db trust store or a Java JKS keystore. This password is not tied to a UNIX user. This overall shared password is the most sensitive piece of data in your system. The master password is never used for authentication and is never transmitted over the network.
You can choose to type the password manually when required, or to obscure the password in a password file. If there is no password file, you are prompted for the master password. If there is a password file, but you want to change access to require prompting, remove the file. The default master password is changeit.
Use the change-master-password subcommand in local mode to modify the master password.
When the master password is changed, it is re-saved in the master-password keystore, which is a Java JCEKS type keystore.
This subcommand will not work unless the domain is stopped.
Stop the domain whose password you are changing.
See To Stop a Domain.
Change the master password for the domain by using the change-master-password(1) subcommand.
You are prompted for the old and new passwords. All dependent items are re-encrypted.
Start the domain.
See To Start a Domain.
The change-master-password subcommand is interactive in that you are prompted for the old master password as well as the new master password. This example changes the master password for domain44ps:
asadmin> change-master-password domain44ps
If you have already logged into the domain using the login(1) subcommand, you are prompted only for the new master password:
Please enter the new master password>
Please enter the new master password again>
If you are not logged into the domain, you are prompted for both the old and the new master passwords:
Please enter the master password again>
Please enter the new master password>
Please enter the new master password again>
Information similar to the following is displayed:
Master password changed for domain44ps
You can also view the full syntax and options of the subcommand by typing asadmin help change-master-password at the command line.
Use the change-admin-password subcommand in remote mode to change the administration password. The default administration password is admin. You are prompted for the old and new admin passwords, with confirmation.
If you accepted the default admin user with no password during zip installation, you can add a password to this user. If there is a single user called admin that does not have a password, you are not prompted for login information. Any other situation requires login.
Encrypting the admin password is strongly encouraged.
If you want to change the admin password before creating an alias for the password (encrypting), you can use the set subcommand with syntax similar to the following:
asadmin set --user admin server.jms-service.jms-host.default_JMS_host.admin-password=new_pwd
Ensure that the server is running.
Remote subcommands require a running server.
Change the admin password by using the change-admin-password(1) subcommand.
Enter the old and new admin passwords when prompted.
Restart GlassFish Server.
See To Restart a Domain.
This example changes the admin password for user anonymous from adminadmin to newadmin:
asadmin> change-admin-password --user anonymous
You are prompted to enter the old and the new admin passwords:
Enter admin password>adminadmin
Enter new admin password>newadmin
Enter new admin password again>newadmin
Information similar to the following is displayed:
Command change-admin-password executed successfully.
You can also view the full syntax and options of the subcommand by typing asadmin help change-admin-password at the command line.
Instead of typing the password at the command line, you can access the password for a command from a file such as passwords.txt. The --passwordfile option of the asadmin utility takes the name of the file that contains the passwords. The entry for a password in the file must have the AS_ADMIN_ prefix followed by the password name in uppercase letters.
The following other types of passwords can be specified:
AS_ADMIN_MASTERPASSWORD
AS_ADMIN_USERPASSWORD
AS_ADMIN_ALIASPASSWORD
Edit the password file.
For example, to specify the password for the domain administration server (DAS), add an entry similar to the following to the password file, where adminadmin is the administrator password:
AS_ADMIN_PASSWORD=adminadmin
Save the password file.
You can now specify the password file in an asadmin subcommand. In this example, passwords.txt is the file that contains the password:
asadmin> delete-jdbc-resource --user admin --passwordfile passwords.txt jdbc/DerbyPool
If AS_ADMIN_PASSWORD has been exported to the global environment, specifying the --passwordfile option will produce a warning about using the --passwordfile option. To prevent this warning situation from happening, unset AS_ADMIN_PASSWORD.
A password alias is used to indirectly access a password so that the password itself does not appear in cleartext in the domain's domain.xml configuration file.
Storing passwords in cleartext format in system configuration files is common in many open source projects. In addition to GlassFish Server, Apache Tomcat, Maven, and Subversion, among others, store and pass passwords in cleartext format. However, storing and passing passwords in cleartext can be a security risk, and may violate some corporate security policies. In such cases, you can use password aliases.
Use the create-password-alias subcommand in remote mode to create an alias for a password in the domain's keystore. The password corresponding to the alias name is stored in an encrypted form in the domain configuration file. The create-password-alias subcommand takes both a secure interactive form, in which users are prompted for all information, and a more script-friendly form, in which the password is propagated on the command line.
You can also use the set(1) subcommand to remove and replace the password in the configuration file. For example:
asadmin set --user admin server.jms-service.jms-host.default_JMS_host.admin-password='${ALIAS=jms-password}'
Ensure that the server is running.
Remote subcommands require a running server.
Go to the directory where the configuration file resides.
By default, the configuration file is located in domain-dir/config.
Create the password alias by using the create-password-alias(1) subcommand.
Type the password for the alias when prompted.
Add the alias to a password file.
In the password file, for example, passwords.txt, add the following line: AS_ADMIN_PASSWORD=${ALIAS=admin-password-alias}, where admin-password-alias is the new password alias.
Stop the GlassFish Server domain.
See To Stop a Domain.
Start the domain specifying the file that contains the alias.
Use the following syntax:
start-domain --user admin --passwordfile /path-to/passwords.txt domain1
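The password-file procedure above and the alias entry added in the previous step are combined here in an added shell example (not from the GlassFish documentation): it writes a passwords.txt with the AS_ADMIN_ entry syntax, keeps the file owner-only, validates the entry names, and checks for the exported AS_ADMIN_PASSWORD that makes --passwordfile warn. The alias name, master password and file path are constructed sample values.

```shell
#!/bin/sh
# Added example, not part of the GlassFish docs. Values are constructed samples.

# Write a password file readable only by its owner. Each entry is
# AS_ADMIN_<NAME>=<value>; a ${ALIAS=name} value is resolved from the
# domain's alias store, so the admin password never sits in cleartext here.
# Usage: write_password_file FILE ALIAS_NAME MASTER_PASSWORD
write_password_file() {
    file="$1"; alias_name="$2"; master="$3"
    old_umask=$(umask)
    rm -f "$file"
    umask 077                      # new file is created 0600
    {
        printf 'AS_ADMIN_PASSWORD=${ALIAS=%s}\n' "$alias_name"
        printf 'AS_ADMIN_MASTERPASSWORD=%s\n' "$master"
    } > "$file"
    umask "$old_umask"
}

# Return 0 only if every non-blank line is AS_ADMIN_<UPPERCASE>=value;
# a lowercase or unprefixed name is a typo asadmin would not pick up.
validate_password_file() {
    ! grep -Ev '^AS_ADMIN_[A-Z]+=.*$|^[[:space:]]*$' "$1" > /dev/null
}

# Return 0 if group and others have no permission bits on the file.
password_file_is_private() {
    mode=$(ls -ld "$1" | cut -c5-10)
    [ "$mode" = "------" ]
}

# Return 0 if AS_ADMIN_PASSWORD is not exported; when it is, asadmin
# warns about --passwordfile, so unset it before starting the domain.
no_env_password_conflict() {
    ! env | grep -q '^AS_ADMIN_PASSWORD='
}

# Run all checks on a temporary file with constructed values.
demo_password_file() {
    f=$(mktemp) || return 1
    write_password_file "$f" admin-password-alias changeit
    validate_password_file "$f" && password_file_is_private "$f" && no_env_password_conflict
    rc=$?
    rm -f "$f"
    return $rc
}
# After the checks pass, the file is handed to asadmin, e.g.:
#   asadmin --user admin --passwordfile passwords.txt start-domain domain1
```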
This example creates the new jms-password alias for the admin user:
asadmin> create-password-alias --user admin jms-password
You are prompted to type the password for the alias:
Please enter the alias password>secret-password
Please enter the alias password again>secret-password
Command create-password-alias executed successfully.
You can also view the full syntax and options of the subcommand by typing asadmin help create-password-alias at the command line.
Use the list-password-aliases subcommand in remote mode to list the existing password aliases.
Ensure that the server is running.
Remote subcommands require a running server.
List password aliases by using the list-password-aliases(1) subcommand.
This example lists the existing password aliases:
asadmin> list-password-aliases
jmspassword-alias
Command list-password-aliases executed successfully
You can also view the full syntax and options of the subcommand by typing asadmin help list-password-aliases at the command line.
Use the delete-password-alias subcommand in remote mode to delete an existing password alias.
Ensure that the server is running.
Remote subcommands require a running server.
List all aliases by using the list-password-aliases(1) subcommand.
Delete a password alias by using the delete-password-alias(1) subcommand.
This example deletes the password alias jmspassword-alias:
asadmin> delete-password-alias jmspassword-alias
Command delete-password-alias executed successfully
You can also view the full syntax and options of the subcommand by typing asadmin help delete-password-alias at the command line.
Use the update-password-alias subcommand in remote mode to change the password for an existing password alias. The update-password-alias subcommand takes both a secure interactive form, in which the user is prompted for all information, and a more script-friendly form, in which the password is propagated on the command line.
Ensure that the server is running.
Remote subcommands require a running server.
Update an alias by using the update-password-alias(1) subcommand.
Type the password when prompted.
This example updates the password for the jmspassword-alias alias:
asadmin> update-password-alias jmspassword-alias
You are prompted to type the new password for the alias:
Please enter the alias password>new-secret-password
Please enter the alias password again>new-secret-password
Command update-password-alias executed successfully
You can also view the full syntax and options of the subcommand by typing asadmin help update-password-alias at the command line.