We have a customer requirement where the password that resides within Component Queues - Adapter JAAS Credentials setting now needs to change every n days

However, customer cannot know 'new' password and doesnt not re-type it in .. it needs to be pulled automatically via a script and updated.

Has anyone experience on any auto 'P8Admin' password process where the values are stored within ACCE - which I guess are encrypted in the ObjStore DB?

Thanks

Mick Doyle 

------------------------------
Mick Doyle
------------------------------

Hi Mick,

There is an IBM technote that describes this process, to sum up, the supported way is not to update the DB directly. IBM retrieves the Component Queue configuration from F_ComponentDescriptor, updates it through ComponentDescriptor.setJaasPassword(), then writes it back and commits via VWSystemConfiguration.commit(). 

So the password appears to be stored as part of the Component Queue configuration in F_ComponentDescriptor, not as something you should change manually in SQL 

Regards,
Olivier

How to programmatically set FileNet Content Manager Workflow System Component Queue Adaptor password

Hello, what about using the jass session credentials instead of user name and password? For myself I use externalized credentials in a property file that way I can easily test in an IDE before attempting to deploy the component. If you component doesn't interact with CE objects you don't need to authenticate. What version of FileNet are you working with?

------------------------------
Jay Bowen
www.bowenecmsolutions.com
Medina, OH
------------------------------

Original Message:
Sent: Wed March 11, 2026 12:03 PM
From: Mick Doyle
Subject: Component Queues - Adapter JAAS Credentials password

We have a customer requirement where the password that resides within Component Queues - Adapter JAAS Credentials setting now needs to change every n days

However, customer cannot know 'new' password and doesnt not re-type it in .. it needs to be pulled automatically via a script and updated.

Has anyone experience on any auto 'P8Admin' password process where the values are stored within ACCE - which I guess are encrypted in the ObjStore DB?

Thanks

Mick Doyle 

------------------------------
Mick Doyle
------------------------------

I cover , with full code, the use of an encrypted password mechanism, where the password is held in an encrypted format such that the Java code can detect if the loaded password is encrypted or (initially) clear, then it is rewritten in an encrypted format, with additional encrypted wrapping characters which enables the  code to determine automatically if what is read is an (initial) clear or encrypted password.

The password in this scheme is held in a config.xml file.

A section of this is as follows;

<ceuser>P8Admin</ceuser>

        <cepassword>RW5jcnlwdDNkZmlsZW5ldFA0c3N3MHJk</cepassword

        <celoginconfig>/opt/IBM/FileNet/CEClient/config/jaas.conf.WSI </celoginconfig>

        <ceurl>http://ecmukdemo6:9080/wsi/FNCEWS40MTOM</ceurl>

        <cestanza>FileNetP8WSI</cestanza>

   

The Java code is in Chapter 6 of my

book, "IBM Software Systems Integration"

A section with an example which can be used (see pages 1017-1018) is as follows:

//ASB ...  Check if this is still clear ie

//ASB ...  Not in the form Encrypt3dpasswordvalueP4ssw0rd

String decryptedJDBCPassword = decrypt(JDBCPassword);

if (decryptedJDBCPassword.startsWith("Encrypt3d")&& decryptedJDBCPassword.endsWith("P4ssw0rd")  ){

            //ASB ...  Extract the actual password

// 

JDBCPassword = decryptedJDBCPassword.substring(9, decryptedJDBCPassword.length()-8);

}else{

//ASB ...  update the clear password

String encryptedJDBCPassword = "Encrypt3d" + JDBCPassword + "P4ssw0rd";

encryptedJDBCPassword = encrypt(encryptedJDBCPassword);

System.out.print("\r\tENCRYPTED JDBC CDDR PASSWORD = " + encryptedJDBCPassword);

System.out.print("\r\t");

// ASB ...  Write encrypted password back to the config.xml file

String dirPath = System.getProperty("user.dir");

String OS = System.getProperty("os.name").toLowerCase();

        String file = null;

        // ASB 

if (OS.indexOf("win") >= 0)  {

  file = dirPath + "\\config\\config.xml";

} else { //Set to forward slash

  file = dirPath + "/config/config.xml";

}

  // SET    file Name, root element, tag element, old value, new value

      updateXML(file,"AUDITProcessor","JDBCPassword", JDBCPassword, encryptedJDBCPassword);  

}

Hope this helps as a possible starting point.

------------------------------
Alan S Bluck
Director
ASB Software Development Limited
Ringwood, Hampshire, England
0044 7710612479
IBM Champion (2026),
IBM Champion (2025),
IBM Champion (2024),
IBM Champion (2023),
IBM Champion (2022),
Director, ASB Software Development Limited,
RedHat Accredited Business Partner)
------------------------------

Original Message:
Sent: Wed March 11, 2026 12:03 PM
From: Mick Doyle
Subject: Component Queues - Adapter JAAS Credentials password

We have a customer requirement where the password that resides within Component Queues - Adapter JAAS Credentials setting now needs to change every n days

However, customer cannot know 'new' password and doesnt not re-type it in .. it needs to be pulled automatically via a script and updated.

Has anyone experience on any auto 'P8Admin' password process where the values are stored within ACCE - which I guess are encrypted in the ObjStore DB?

Thanks

Mick Doyle 

------------------------------
Mick Doyle
------------------------------