What are the changes required for CA Advanced Authentication setup if database password is changed?
For Strong Authentication and Risk Authentication:
Database password is stored in encrypted format in ARCOT_HOME/conf/securestore.enc file. This file stores the following encrypted information for connecting to the Strong Auth and Risk Auth database:
· Database user name and password (Used by Strong Auth and Risk Auth Server to connect to the database.)
· Master key (Used for encrypting the database user name and password that is stored in securestore.enc.)
To add a new database user name, password, or DSN any time after Installation, use the DBUtil tool to perform these tasks.
DBUtil provides multiple options to change or insert new entries, in case of database password change only below command can be used-
Navigate to the directory ARCOT_HOME/tool/<OS> to locate the DBUtil utility and run the following command
dbutil -pu <key> <value>
dbutil -pu <AADatabaseDSN> <newPassword>
dbutil -pu <DBUSer> <newPassword>
Note : DSN name is stored in ARCOT_HOME/conf/arcotcommon.ini file under section [arcot/db/primarydb] for Primary Database and under section [arcot/db/backupdb] for backup Database.
For CA Adapter:
CA Adapter component is used in SiteMinder Integration or SAML or VPN integrations. State Manager Component of the Adapter talks directly with the Database and leverages the JNDI connection pooling provided by the application server. Please read the application server specific documents to make the necessary changes. In case of Tomcat locate the file TOMCAT_HOME/conf/sever.xml and modify the password under tag <GlobalNamingResources>.
Refer "DBUtil Options" of CA Advanced Authentication guide for detailed information about the DBUtil tool.