When installing a Weblogic domain in development mode, the Configuration wizard will generate a boot identity file for the administration server containing the encrypted username and password of the initial administrative user. These credentials are then automatically leveraged when starting the admin server and avoid the need for the weblogic administrator to manually supply these. It is also possible to utilize a boot identify file (boot.properties) in production domains. See the following link for more information: http://docs.oracle.com/cd/E14571_01/web.1111/e13708/overview.htm#i1068887
Recovering/decrypting a credential value from the boot identity file is reasonably straightforward should you have shell and executable access to the Weblogic installation.
First, obtain the DOMAIN_HOME value …
ps auxwww | grep Name=AdminServer | tr " " "\n" | grep "domain.home"
-Ddomain.home=/u01/app/oracle/product/Middleware/user_projects/domains/base_domain
Next, source the setDomainEnv.sh file …
export DOMAIN_HOME=/u01/app/oracle/product/Middleware/user_projects/domains/base_domain
source $DOMAIN_HOME/bin/setDomainEnv.sh
Extract the encrypted username and password credential from the boot identify file ...
USR=`grep username $DOMAIN_HOME/servers/AdminServer/security/boot.properties | sed -e "s/^username=\(.*\)/\1/"`
PW=`grep password $DOMAIN_HOME/servers/AdminServer/security/boot.properties | sed -e "s/^password=\(.*\)/\1/"`
Sample values …
mshannon@slc05elc% echo $USR
{AES}RI+L8BLQQc3mTwbCx59un+vcHJ4c30GMQ90ovDY7VLI=
mshannon@slc05elc% echo $PW
{AES}B9acQuaVUBNqsem1FzGROqu7w2tqZenm3StwYB3C+bM=
Create the small java Decrypt program and invoke it supplying the DOMAIN_HOME and encrypted value requiring decryption …
cat > /tmp/Decrypt.java <<EOF
public class Decrypt {
public static void main(String[] args) {
System.out.println("Decrypted value: " + new weblogic.security.internal.encryption.ClearOrEncryptedService(
weblogic.security.internal.SerializedSystemIni.getEncryptionService(args[0])).
decrypt(args[1]));
}
}
EOF
$JAVA_HOME/bin/javac -d /tmp /tmp/Decrypt.java
$JAVA_HOME/bin/java -cp /tmp:$CLASSPATH Decrypt "$DOMAIN_HOME" "$USR"
$JAVA_HOME/bin/java -cp /tmp:$CLASSPATH Decrypt "$DOMAIN_HOME" "$PW"
Sample output …
mshannon@slc05elc% $JAVA_HOME/bin/java -cp /tmp:$CLASSPATH Decrypt "$DOMAIN_HOME" "$USR"
Decrypted value: weblogic
mshannon@slc05elc% $JAVA_HOME/bin/java -cp /tmp:$CLASSPATH Decrypt "$DOMAIN_HOME" "$PW"
Decrypted value: welcome1