ImageMaster password manager
ImageMaster features a password manager for more secure password administration. Access to the password manager itself can be protected by a master password. By default, in an initial installation the master password is empty, and no configuration needs to be set up if you don’t want to use any master password.
Changing passwords in a multi-server environment
In environments where multiple ImageMaster application server instances are running concurrently, whenever a password is set up or changed, which is stored in the password manager, special actions need to be taken to synchronize this password across all sever instances. See: Troubleshooting - password manager exception.
Setting up the master password
The master password can be deposited on the application server:
-
either in the application server configuration (ima.security.masterPassword)
-
or in a plain text file on the application server (ima.security.masterPasswordFile)
The password can be supplied on demand by calling the “unlockPasswordStore” operation in the ImaSecurityService web service port. In this scenario the password is not persistently stored. The service in a way does not “forget” or does not need this password until the next system restart. Although this is the most secure option, this is challenging because it requires pro-active intervention on each system start!
The default master password in a newly installed system is an empty password so the above methods to deposit a master password are only required if the master password has ever been set or changed.
If a master password has ever been set, and the system is restarted with an empty or invalid master password, the password store is locked. In this state nearly any services fail because internal communication that relies on the password manager is denied with a PWM-00001 error. The password store can only be unlocked at runtime by providing the correct master password in the “unlockPasswordStore” web service request.
If you want to deposit the master password on the application server, it is important to understand the following:
-
When you install ImageMaster for the first time, it is crucial NOT to set any master password (as a property in the application server settings), before the client has been launched successfully at least once (see step Launch the ImageMaster client (mandatory))! This is due to internal installer routines, which expect that no master password is initially set.
-
If a new or changed password is only supplied via the AdminClient (or the admin web service) but is not updated in the location where it is deposited on the application server, after a restart there will be errors by design:
…|SEVERE|304|…|…|…|…PWM-00001: invalid master password for the password manager (or corrupt password store).|#)
In summary, a change of the master password should always be done by following these steps:
-
First set or change the master password via the AdminClient (or the admin web service).
-
If you have deposited the master password on the application server, also change this to the same new master password via exactly ONE of the two alternative options:
Technically speaking, in a running system where the master password is changed via he AdminClient (or the admin web service) it is not required to restart the application server after changing the deposited password. This setting must just be in place so the system is in a consistent state whenever the next server restart happens. However, it is recommended scheduling a restart and monitoring the log file “ImageMaster.log”, in order to ensure that the correct password has been set.