HCL Workload Automation, Version 9.4

Changing the security settings

This section describes how to modify the security settings of HCL Workload Automation.

About this task

Use the changeSecurityProperties script located in TWA_home/TWS/wastool to change various security settings on the application server. For the settings related to SSL, see Setting connection security. For the settings related to the passwords of the database access users, see Changing key HCL Workload Automation passwords. You can also change other settings, such as the active user registry or the local operating system ID and password.

The procedure requires you to stop the application server, create a text file of the current security properties, edit the file, run the utility, and restart the application server.
  • For more information about the procedure to make any changes to the WebSphere Application Server properties, see Application server - using the utilities that change the properties.
  • To determine which properties are to be changed, see:
  • To change the text file of the current security properties, perform the following steps:
    1. Edit the text file and locate the properties you need to change.
    2. Make any required changes to the properties.

      Do not change any other properties.

    1. The utility might display a message from the application server (WASX7357I:). You can ignore this message.
    2. When you supply a password in a text file for changeSecurityProperties, there is a small security exposure. When you enter a password in the file, the password is entered in clear (unencrypted). After you have run changeSecurityProperties, the password remains in clear in the text file you have edited, but if you run showSecurityProperties the password is output encrypted, as a row of asterisks. Thus, your potential security exposure is limited to the time from when you entered the password in the text file until when you manually deleted the text file after using changeSecurityProperties.
      Attention: If you want to change parameters other than a password, and do not want to change a password, ensure that you perform one of the following actions before running changeSecurityProperties. This is required to prevent that the row of asterisks is applied as the password:
      • Resupply the passwords in clear.
      • Comment the password properties.
      • Delete the password properties.