The user name and password
parameters in the
Application Broker configuration
file can be encrypted or entered as
open text. If a value starts with an exclamation point (!), the value
is assumed to be encrypted. To obtain the encrypted equivalent for
a user name and password, send the values to the Application Broker
with a _DEBUG=1. For example,
http://abc.def.com/cgi-bin/broker?
_service=default&_debug=1&_username=myname&_password=xyzzy
should produce output
with the fields encrypted following an exclamation point (!). These
new values can then be used in place of the original open-text versions.
Note: When you use the Application
Broker to encrypt a user name or password, the original unencrypted
user name and password might be saved in the Web server log. You can
run the Application Broker from the command line to avoid this issue:
broker "_service=default&_debug=1&_username=myname&_password=xyzzy"
An alternative to entering
this password in plain-text is to use the encrypted version of the
password. For example, if your password is
xyzzy
, the encrypted version that you can put into the broker.cfg is
!ci3mC.Xmq.t2Chnx
. By hardcoding the encrypted version
in the broker.cfg, the text of your actual password is protected from
anyone who has read access to the broker.cfg file.