The configPassman.cnf file contains additional configuration settings for password encryption. The file consists of a number of properties, some of which are commented out in the default configuration.

As shipped, the configPassman.cnf file specifies that passwords will be stored in file config/txnPassStore.dat and encrypted using Password-Based Encryption (PBE). In addition, it specifies that the master password will be stored in file config/empw.dat. Properties that can be used to specify other settings are commented out.

If you want to change these optional settings, you must edit the configPassman.cnf file. The file must always specify the following:

The following sections describe the configPassman.cnf file in detail and how to change password and master password settings.

This section describes how to use the configPassman.cnf file to change settings for passwords.

The default file name and location for the password file is in the server instance’s home directory under config/txnPassStore.dat. To change it, locate and modify the following property:

This property must always be present and uncommented. If you want to change the file name or location, change the right hand side only. You can specify an absolute or relative path. In the path name, use the forward slash (/) only; the backward slash (\) is not supported.

The default encryption method for the password file is Password-Based Encryption (PBE). To change it, locate the following properties and uncomment a different method. One and only one of these properties must always be uncommented.

default.encryptor=EntrustPbePlus ---- This denotes PBE encryption -- most secure

#default.encryptor=Base64 ---- This denotes Base64 encoding -- not secure

#default.encryptor=None ---- This denotes Clear text -- not secure

By default, the master password is stored in the file config/empw.dat under the server instance’s home directory, but if you prefer, you can configure API Gateway to prompt for the master password at server initialization. The following sections describe how to tell API Gateway which method to use.

To store the master password in a file, use the following properties:

This controls whether API Gateway stores the masterpassword in a file (true) or prompts for it at server initialization (false). If this value is set to true, make sure the master.password.field.attemptsLimit properties are commented out.

This indicates the location of the master password store. Use the forward slash (/) only; the backward slash (\) is not supported.

This indicates the number of password changes required before you can reuse a password.

To prompt for the master password at server initialization, use the following properties. Use these properties only if you want API Gateway to prompt for the password at server initialization (that is, you specified false for master.password.storeInFile). If you do not want API Gateway to prompt for the password at server initialization, make sure these two properties are commented out.

Specify true to prompt for the password in a pop-up window. If you select this method, you can start the server from the Windows start menu. This is default if master.password,storeInFile is set to false.

This indicates the number of unsuccessful login attempts permitted before API Gateway rejects the request.

You cannot configure API Gateway to prompt for the master password at server initialization if: