search cancel

Encrypted/Junk password received through A2A Java program

book

Article ID: 244392

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

One of the app team is getting encrypted/Junk password through their Java code from A2A client.

1) Password retrieval is 400(success), and the target account name comes back correctly, but the password is wrong and looks encrypted (non-ASCII characters). Even the report in the PAM GUI has a 400 return code for the password retrieval.

2) O.S - Win 10

3) A2A client version: 4.12.3.48 32-bit; they have a 32-bit code

4) Password length matches to what exists in PAM but the password is not correct.

 

 

Environment

Release : any

Component : PRIVILEGED ACCESS MANAGEMENT

Cause

The runtime environment included an old Cloakware jar file that shared classes with the cspmclient.jar library from the PAM A2A client. The application ended up using the old class, which doesn't decrypt passwords received from the PAM client correctly.

Resolution

Removing the old library from the runtime environment resolved the problem.