In Websphere there is a possiblility to disable Admin security and login to Admin console without userid and password . This feature is not available in JBOSS EAP, Weblogic Server etc
Below steps are applicable for both DMGR and Standalone websphere nodes .
Generally we don’t require this .but there might a situation where one the following reasons
- Someone changed the password or the password is locked if it is LDAP Account .
- we may forget the credential . There is no way to get the working credentials .
- Messed up the SSL/Security configuration or security.xml
To disable security manually follow below steps
1.Take backup of security.xml file located in <PROFILE_HOME>/config/cells/CellName/security.xml
2.update enabled=”true” to enabled=”false” on the first occurrence in security.xml file then kill the admin process that is running as we cannot stop since we don’t have working userid and password .
hi-lighted string decide the security of admin console .It will act as a switch to on/off
3.start the dmgr or AppNode Now we should be able to login to Admin without userid & password
4.Do what ever changes we need to reset the password and other configuration’s if need to do then go security.xml file and change back to enabled=”true”
5.kill the Admin process and start Admin now we should be able to login to Admin console successfully with new password .
We can also disable security by using wsadmin commands
1.connect to wsadmin
wsadmin>securityoff LOCAL OS security is off now but you need to restart server1 to make it affected. wsadmin> 2.kill the admin process 3.start Admin process 4.Login to Admin console and do the necessary changes 5.connect to wsadmin and run securityon to enable security back wsadmin>securityoff
6.Restart DMGR or Admin Node and login with new password .