The IAPassword utility

Both the Integration Agent and the integration services' configuration files can include configuration settings that refer to files containing encrypted data. The IAPassword utility is a platform-independent Java program that an Integration Agent administrator can use to create and modify the contents of these encrypted files.

Before using the Integration Agent, you must run the IAPassword utility twice: once to create a .wspasswd file and once to create a .passwd file (or any named file that matches the configuration in IAConfig.xml).

For example, the web service user account that the Integration Agent uses whenever it calls the RegisterIntegrationAgent, SubmitAPXML, or ReceiveAPXML web service methods is defined by the webservices-auth element of the Integration Agent's configuration file, as shown here:

<web-services-auth>
<user>IA_User</user>
<password><file>./.wspasswd</file></password>
<company>Default Company</company>
</web-services-auth>

To avoid storing the web service user's password in plain text, the Integration Agent decrypts the .wspasswd file and uses the single string contained within as the password element's actual value.

Similarly, an integration service's configuration files can contain encrypted elements (for example, integration user passwords and encrypted-constant elements) that get their values from encrypted files. Here's an example of an encrypted-constant:

<constants>
<constant name="device" type="string" overwrite="false">localhost</constant>
<constant name="my_first_constant">This is an auto-typed constant...</constant>
<encrypted-constant name="my_second_constant" type="string" overwrite="true">
<file>/tmp/.constant</file>
</encrypted-constant>
</constants>

You can find the IAPassword program in the following location:

  • Windows: <IAHOME>\bin\iapassword.bat
  • Linux: <IAHOME>/bin/iapassword.sh

IAPassword parameters

IAPassword accepts the following command-line parameters:

Parameter Required Description
--new <string> Yes Specifies the string to be stored in the encrypted file.
--old <string> If the file already exists Specifies the current string that is stored in the encrypted file.
--file <path> No

The path of the encrypted file.

This can be specified as absolute or as relative to the installation folder (NOT relative to the current directory). If not specified, the default value is <IAHOME>/conf/.passwd. (There's an example of how to change the Web Service password below.)

Examples

For example, to change the web service user's password, use the following command:

iapassword --new "My New Password" --old ia_user --file conf/.wspasswd

This command changes the contents of the file <IAHOME>/conf/.wspasswd to the string "My New Password" (without quotes).

To create the encrypted-constant file, use the following command:

iapassword --new "This is a string constant..." --file /tmp/.constant

Whenever iapassword is executed, it logs messages via log4j to the <IAHome>\log\AlarmPointIAdmin.txt file. You can change this logging behavior by modifying the log4j configuration file at <IAHOME>/conf/cli/log4j.xml.