Extracting encrypted password of a weblogic datasource

In some cases you might need to know the password of an already setup datasource.  If you go to the weblogic console url your'll just see **** symbols. If you look directly into the xml file the password is not visible either, so where do you go from here.  You could use a WLST script similar to the following. Please consider file paths as well as host and weblogic credentials are hardcoded but you could easily replace those. See below an example.

#This WLST script will extract the encrypted password of 

#any given weblogic datasource

from weblogic.security.internal import *

from weblogic.security.internal.encryption import *

from xml.dom import minidom

# Path where the wncrypted pwd is (replace path with your jdbc xml file path)

doc = minidom.parse('/oracle/fmwhome/user_projects/domains/dev_bpm/config/jdbc/mds-soa-jdbc.xml')

pwd = doc.childNodes[0].childNodes[3].childNodes[7].firstChild.data

#Get password of connectionpool (replace path with your domain security path)

encryptionService = SerializedSystemIni.getEncryptionService("/oracle/fmwhome/user_projects/domains/dev_bpm/security")

clearOrEncryptService = ClearOrEncryptedService(encryptionService)

# Remove unneeded characters

preppwd = pwd.replace("\\", "")

# Decrypt the password

psd=clearOrEncryptService.decrypt(preppwd)

print('Unencrypted password -> ' + psd)

common UCM payloads GenericSOAPPort

11.   Before start using the GenericSOAPPort is important that security is added to the request you can easily do this with a policy “oracle/wss_username_token_client_policy” or add a username and password in the SOAP UI for testing

22.  Check in a new document

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ucm="http://www.oracle.com/UCM">

   <soapenv:Header/>

   <soapenv:Body>

    <GenericRequest xmlns:ns0="http://www.oracle.com/UCM" xmlns="http://www.oracle.com/UCM" webKey="cs">

<ns0:Service IdcService="CHECKIN_NEW">

<ns0:User/>

<ns0:Document>

<ns0:Field name="dDocTitle">test56.pdf</ns0:Field>

<ns0:Field name="dDocType">Document</ns0:Field>

<ns0:Field name="dSecurityGroup">Public</ns0:Field>

<ns0:File name="primaryFile" href="test51.pdf">

<ns0:Contents>

[base 64]

</ns0:Contents>

</ns0:File>

</ns0:Document>

</ns0:Service>

</GenericRequest>

   </soapenv:Body>

</soapenv:Envelope>

33. Retrieve document id  dID from the response from the previous call and use it as input parameter, “GET_FILE”

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ucm="http://www.oracle.com/UCM">

   <soapenv:Header/>

   <soapenv:Body>

            <ucm:GenericRequest webKey="cs">

         <ucm:Service IdcService="GET_FILE">

            <ucm:Document>

            <ucm:Field  name="dID">6404</ucm:Field>

            </ucm:Document>

         </ucm:Service>

      </ucm:GenericRequest>

   </soapenv:Body>

</soapenv:Envelope>

44. Approve a document

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ucm="http://www.oracle.com/UCM">

   <soapenv:Header/>

   <soapenv:Body>

    <GenericRequest xmlns:ns0="http://www.oracle.com/UCM" xmlns="http://www.oracle.com/UCM" webKey="cs">

<ns0:Service IdcService="WORKFLOW_APPROVE">

<ns0:Document>

<ns0:Field name="dID">6402</ns0:Field>

</ns0:Document>

</ns0:Service>

</GenericRequest>

   </soapenv:Body>

</soapenv:Envelope>

55.  Scan a document after approved and indexer successfully run the GET_SEARCH_RESULT

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ucm="http://www.oracle.com/UCM">

   <soapenv:Header/>

   <soapenv:Body>

      <ucm:GenericRequest webKey="cs">

         <ucm:Service IdcService="GET_SEARCH_RESULTS">           

            <ucm:Document>

 <ucm:Field  name="QueryText">dID = `6405`</ucm:Field>

            </ucm:Document>

         </ucm:Service>

      </ucm:GenericRequest>

   </soapenv:Body>

</soapenv:Envelope>