Resetting user password in WCS
There will be situations where you may have forgotten the password of a user and you want to reset the password in WCS. In WebSphere Commerce all the passwords are one way encrypted with a salt and Merchant Key. The main purpose of a salt is to add more security to storing passwords. With the help of Salt during encrypting the password, WCS makes sure that two users that have the same password will not have the same encrypted string as their password.
Reset by updating DB
Resetting the password is easy if you already know the password of at least one user. For e.g.: if you already know the password of user with users_id 9000 and you want to reset the password of user with users_id = 9001, then execute the following query in the database.
UPDATE USERREG SET LOGONPASSWORD = (SELECT LOGONPASSWORD FROM USERREG WHERE USERS_ID = 9000), SALT = (SELECT SALT FROM USERREG WHERE USERS_ID = 9000), PASSWORDINVALID= (SELECT PASSWORDINVALID FROM USERREG WHERE USERS_ID = 9000), STATUS = (SELECT STATUS FROM USERREG WHERE USERS_ID = 9000) WHERE USERS_ID=9001;
Now user 9001 can login with user 9000′s password. In the above case we copied the details like salt, logonpassword etc of user 9000 to user 9001
Reset with the help of wcs_password utility.
Consider case where you do not know the password any of the users. Now to reset the password you need to generate the password by yourself. To generate the encrypted password for any string, WCS has a utility, ‘wcs_password’. wcs_password utility takes three parameter as the input. The syntax for wcs_password utility is given below
wcs_password <password> <salt> <key>
Where password is the new password, salt is the salt for the user and key is the Merchant Key
Once we provide all these details, the command will give the encrypted password in both ASCII and hex format. Take the ASCII formatted string and update the USERREG.LOGONPASSWORD column with that value. E.g.: The SQL to update the password for wcsadmin is given below
update userreg set logonpassword='output of wcs_password utility' where logonid = 'wcsadmin'
Now you can login with the new password.
The wcs_password.bat utility will be available in your bin directory.
Reset with chgwcspwd utility
The third way of resetting the password is with the help of chgwcspwd utility. This utility changes the password directly in the db. So we do not need to execute any SQL commands by our own. But this tool is available only in IBM iSeries. So I have not tried this yet. The syntax to use this utility is
chgwcspwd.sh -database <dbname> -dbHostname <db host name> -schema <schema name> -instance <instance name> -instancePwd <db password>-merKey <key> -wcsUser <wcs username> -wcsUserPwd <user's new password>