asg-password-obfuscator Utility

This utility generates an obfuscated password.

TIBCO API Exchange Gateway provides the asg-password-obfuscator utility to generate an obfuscated password.

For example,
  • An obfuscated password can be specified for the tibco.env.ASG_ADMIN_PASSWORD property of the Config UI. The Config UI uses this password to verify the credentials for the default authentication mechanism of the Config UI. See Default Authentication.
  • An obfuscated password is used by the Apache module (C module) to communicate with the Rendezvous daemon. The obfuscated password can be set for the AsgSecureDaemonPassword parameter in the Apache module configuration (mod_ASG.conf) file.

Usage

Usage: asg-password-obfuscator [-i | -hostname <hostname>] <password>

-i: obfuscate with an internal key

-hostname: obfuscate using hostname

The asg-password-obfuscator utility has the following options:

  • The -i option generates the obfuscated password that can be used on any machine. This option is less secure as it is machine independent.
  • The -hostname option generates the obfuscated password specifically for a hostname. This option is more secure as it restricts the encrypted password to be used only for that machine.
    Note:
    • Either the-i or -hostname option generates the obfuscated password for the following purposes:
      • The obfuscated password is used by the Config UI to verify the user credentials for the default authentication mechanism.
      • The obfuscated password is used by the Apache module to communicate with the Rendezvous daemon.
    • If you do not use the -i or -hostname options for the asg-password-obfuscator utility, the generated password can be used for the Java based modules such as WSS’s keystore.

Example Output

C:\tibcoasg\asg\2.1\bin>asg-password-obfuscator -i admin

Obfuscating password ...

Jul 15, 2013 1:52:54 PM com.tibco.security.providers.SecurityVendor_j2se <clinit>

INFO: Initializing JSSE's crypto provider class com.sun.net.ssl.internal.ssl.Provider

in default mode

Obfuscated password (in brackets): [#_R9gvPGRME0hRIveQJJS9i9tAzshJUjfK]

C:\tibcoasg\asg\2.1\bin>asg-password-obfuscator -hostname secureHost password

Obfuscating password ...

Jul 15, 2013 1:52:54 PM com.tibco.security.providers.SecurityVendor_j2se <clinit>

INFO: Initializing JSSE's crypto provider class com.sun.net.ssl.internal.ssl.Provider in default mode

Obfuscated password (in brackets): [#^R9gvPGRME0hRIveQJJS9i9tAzshJUjfK]

Note: If the obfuscated password generated by the asg-password-obfuscator utility contains special characters, you must escape the special characters before using the obfuscated password.

For example, to use the obfuscated password for tibco.env.ASG_ADMIN_PASSWORD property of the ASG_HOME/bin/asg-configui.tra file, escape the special characters if the obfuscated password contains the special characters. See the following examples:

  • The asg-password-obfuscator utility generates #_R9gvPGRME0hRIveQJJS9i9tAzshJUjfK as the password. Use this password in the ASG_HOME/bin/asg-configui.tra file, as follows:

    tibco.env.ASG_ADMIN_PASSWORD=\#\_R9gvPGRME0hRIveQJJS9i9tAzshJUjfK

  • The asg-password-obfuscator utility generates #!gJRT2BcdqcmvDRxKcjAcJxTRt3FHPK1AwOZlrivOiLE= as the password. Use this password in the ASG_HOME/bin/asg-configui.tra file, as follows:

    tibco.env.ASG_ADMIN_PASSWORD=\#\!gJRT2BcdqcmvDRxKcjAcJxTRt3FHPK1AwOZlrivOiLE\=

  • The asg-password-obfuscator utility generates #!gJRT2BcdqcmvDRxKcjAc!xTRt3FHPK1AwOZlrivOiLE= as the password which contains the embedded special characters. Use this password in the ASG_HOME/bin/asg-configui.tra file, as follows:

    tibco.env.ASG_ADMIN_PASSWORD=\#\!gJRT2BcdqcmvDRxKcjAc\!xTRt3FHPK1AwOZlrivOiLE\=