How to decrypt WebLogic Datasource Password

You need to copy the datasource password present in the -jdbc.xml present under configjdbc to the password variable in the WLST Script.

encrypted_password

 

Change the path variable to point to your domain

from weblogic.security.internal import *
from weblogic.security.internal.encryption import *


password = "{AES}0+5YrFk+fD9BFIykr3H+wPsNmPRP/GIOUId7SPqBgNg="
path = "D:/Oracle/Middleware/user_projects/domains/pega7_domain/security"
encryptionService = SerializedSystemIni.getEncryptionService(path)
cService = ClearOrEncryptedService(encryptionService)
print "password: " + cService.decrypt(password)

Execute the above script after setting the environment
>setWLSEnv.cmd
>java weblogic.WLST decryptDatasourcePassword.py

You should see the decrypted password in the terminal.

decrypted_password

It can also be done in the following way

  1. Open the datasource configuration xml and copy the AES encrypted password.

Write a WLST script to decrypt the password.

domain = "/x/bea-wl1213/user_projects/domains/base_domain"
service = weblogic.security.internal.SerializedSystemIni.getEncryptionService(domain)  
encryption = weblogic.security.internal.encryption.ClearOrEncryptedService(service)
print encryption.decrypt("{AES}YSPuwMQqjeo/DlSNYnUZ3E6z6WLVmEaAtDmMaFg6JCY=")

Execute the script

source setWLSEnv.sh
java weblogic.WLST decryptDatasourcePassword.py

Leave a Reply