My Oracle Support Banner

User password hashing not working for fresh Siebel 18.7 install with existing database (Doc ID 2507892.1)

Last updated on NOVEMBER 22, 2019

Applies to:

Siebel CRM - Version 18.7 and later
Information in this document applies to any platform.

Symptoms


User password hashing not working in 18.x


STEPS
-----------------------
The issue can be reproduced at will with the following steps:
0. Removed current gateway configuration by deleting the Enterprise/Siebel Server and AI deployments then deleted the gateway from SMC - Settings

1. Generated hashed passwords
 
2. Replaced clear text passwords with their corresponding SHA-1 hash generated by password hashing utility
 
3. Logged in to SMC and got prompted to create the Gateway Profile
  a. Enabled password hashing for Gateway profile (Hash User Password checked, Hash Algorithm=SHA1);
  b. Used <USER>/ clear text password for authentication testing. Since Hash User Password, when testing, the password was hashed and sent to the DB
  Re-Logged in using <USER>/hashed password. Clear text password does not work yet.

4. Gateway registry was done and <USER>/ hashed password used for authentication

5. Created the Enterprise profile and used <USER>/ hashed password credentials for Authentication and Database User Account.
  Using clear text password got the profile created but the deployment failed since it could not authenticate due to the different password (clear text provided vs hash stored in DB)
  The Enterprise profile was successfully created and deployed only by using the hashed password.

6. Created the Siebel Server profile and used <USER>/ hashed password credentials for Authentication and Database User Account
  Using clear text password got the profile created but the deployment failed since it could not authenticate due to the different password (clear text provided vs hash stored in DB)
  The Siebel Server profile got successfully created and deployed.

7. Connected to server Manager using <USER>/ hashed password credentials.

6. Created Application Interface Profile using hashed passwords.
  Using clear text password got the profile created but the deployment failed since it could not authenticate due to the different password (clear text provided vs hash stored in DB)
  The Application Interface Profile got successfully created and deployed.
 
7. Enabled password hashing

A. The Enterprise authenticates via DBSecAdpt which uses ServerDataSrc Data Source.
DSHashUserPwd was set to TRUE to enable password hashing for ServerDataSrc

B. As far as I understand Gateway authenticates using GatewayDataSrc data source

DSHashUserPwd was set to TRUE to enable password hashing for GatewayDataSrc

8. Restarted Siebel Components

9. Tried unsuccessfully to log into SMC using clear text password.
  Login only works for the hashed password.
  The expected behavior is to fill in clear text password, then the hashing utility to hash, send to DB and compare for authentication.
 

10. Tried unsuccessfully to log into Server Manager using a clear text password.
  Login only works for the hashed password.
  The expected behavior is to fill in clear text password, then the hashing utility to hash, send to DB and compare for authentication.

11. Checked again the value of DSHashUserPwd parameter and confirmed it is "TRUE"
  It seems the hashing parameter is not working.


Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.