[Download] | [Documentation Home] | [Release Note]

WSO2 Web Services Application Server , v2.1-RC4 - Change Password Tool

This document explains how an admin user can change his or her password.

Introduction

If an admin user forgets his password, he cannot retrieve it using the Management Console due to security concerns. Furthermore, if you started WSO2 WSAS for the first time on one version of a JDK (say 1.4), and later decided to switch to another version of a JDK (say 1.5), it becomes impossible for WSO2 WSAS to decrypt the user passwords, since the security providers for different JDKs are different.

In such scenarios, you would have to change the relevant passwords by running the chpasswd script on the machine that hosts the WSO2 WSAS server.

The chpasswd script is located in WSO2WSAS_HOME/bin

IMPORTANT: Before executing this script, you should shutdown the WSO2 WSAS instance.

What You Need to Know

In order to change a user's password, you need to provide the following information

  1. The WSO2 WSAS database URL: By default, WSO2 WSAS ships with the Apache Derby database and hence the default URL would be jdbc:derby:/home/[user name]/.wso2wsas/database/WSO2WSAS_DB (For Windows jdbc:derby:C:\Documents and Settings\[user name]\.wso2wsas\database\WSO2WSAS_DB) . This may differ if a different database was specified during the installation process.Then the URL will be in the form of jdbc:derby:WSO2WSAS_HOME/database/WSO2WSAS_DB, where WSO2WSAS_HOME will be the custom location specified during the installation.
  2. The Database driver class: For the default Apache Derby database, the driver will be automatically picked up by the system. If a different database is used, the driver class needs to be specified.
  3. The Database username and password: Again for the default Apache Derby database, the default username and password will be used by the system. However, if a different username/password is used, you are required to reset the admin password.
  4. The username and new password of the user whose password is to be changed: If you do not provide these as command line arguments, you will be prompted for it during the execution.

Resetting the Password

This script is located in WSO2WSAS_HOME/bin. Usually this is the directory in which you have installed/extracted WSO2 WSAS.

The command line options available for chpasswd is as follows:

Command Line Option Description Mandatory?
--db-url The database URL Yes
--db-driver The database driver class No
--db-username The username for the database No
--db-password The password for the database No
--username The username of the user whose password is to be changed.

If this is not given, you will be prompted for this field later.
No
--new-password The new password of the user whose password is to be changed.

If this is not given, you will be prompted for this field later.
No

Example

chpasswd --db-url "jdbc:derby:WSO2WSAS_HOME/database/WSO2WSAS_DB"

Example (on Windows)

chpasswd --db-url "jdbc:derby:C:\Documents and Settings\user\.wso2wsas\database\WSO2WSAS_DB"

Example (on *nix)

chpasswd --db-url jdbc:derby:home/user/.wso2wsas/database/WSO2WSAS_DB

If you have not provided the --username or --new-password input parameters, the system will prompt you for it. If the password was updated successfully, you should see the following message:



Password of user [username] updated successfully

Important Note