In the CommandCentral Enterprise Reporter product version 5.0 login successes are logged with user and password.

Article:TECH56564  |  Created: 2008-01-04  |  Updated: 2011-08-15  |  Article URL http://www.symantec.com/docs/TECH56564
Article Type
Technical Solution


Environment

Issue



In the CommandCentral Enterprise Reporter product version 5.0 login successes are logged with user and password.


Solution



The issue exists in CommandCentral Enterprise Reporter (CCER) version 5.0 and is rectified by applying the maintenance pack (MP) 1 release available from File Connect.  prior to upgrading to this version, Symantec recommends applying the Workaround listed below.

Currently the log displays the user password at login time:

2007-12-31 13:29:53 VRTSWEB INFO   Logon : logging off...
2007-12-31 13:29:53 VRTSWEB INFO   Logon : Username = admin userPassword = password
2007-12-31 13:29:54 VRTSWEB INFO   Log on successful
2007-12-31 13:29:54 VRTSWEB INFO   0 users : admin
2007-12-31 13:29:54 VRTSWEB INFO   CRNConnect : Logon Info : You are currently logged on as: admin


Once corrected by applying the workaround listed below, the log displays the following:

2008-01-03 00:40:45 VRTSWEB INFO   Logon : logging off...
2008-01-03 00:40:45 VRTSWEB INFO   Logon : Username = admin
2008-01-03 00:40:45 VRTSWEB INFO   Log on successful
2008-01-03 00:40:45 VRTSWEB INFO   0 users : admin
2008-01-03 00:40:45 VRTSWEB INFO   CRNConnect : Logon Info : You are currently logged on as: admin


Workaround
Until the formal resolution is available, place the attached binaries in place of backed up originals, following the procedure below.  

Note: A default installation is assumed, locate the files to be replaced if installed under non-default locations.
 
Select the CCER_PW_Utility_295476.zip compressed file below and follow the instructions to download, then extract the files to a temporary location such as /tmp where /Files/ will be created.
1. Go to /opt/VRTSsmweb/webgui/ and stop the Web GUI by executing the command:
./smw stop
2. Then back up the original files denoted in the table, Figure 1.
Figure 1
 
File Name Default location on CCER server machine
getListOfPackages.jsp /opt/VRTSsmweb/webgui/sm/plugins/ER/
cognos.jsp /opt/VRTSsmweb/webgui/sm/plugins/ER/
getListOfFolders.jsp /opt/VRTSsmweb/webgui/sm/plugins/ER/
rollupStatusReport.jsp /opt/VRTSsmweb/webgui/sm/plugins/ER/
reportViewer.jsp /opt/VRTSsmweb/webgui/sm/plugins/ER/
erweb.jar /opt/VRTSsmweb/webgui/sm/WEB-INF/lib/
3. Copy the above mentioned files from the temporary location (created after downloading the attached utility) into the specified locations in Figure 1 above.
4. Start the Web GUI by executing the command
./smw start
 
Note: After successfully running the application, accessing reports and confirming expected results the old files are no longer necessary and may be deleted.
 
Formal Resolution
The formal resolution to this issue will be included in CCER 5.0 MP1.  Until 5.0 MP1 is available, Symantec strongly recommends implementing the Workaround described in this TechNote.
 
Best Practices:
Symantec strongly recommends the following best practices:
1. Always perform a Full backup prior to and after any changes to your environment.
2. Always make sure that your environment is running the latest version and patch level.
 
How to Subscribe to Software Alerts:
If you have not received this TechNote from the Symantec Email Notification Service as a Software Alert, please subscribe at the following link:    http://maillist.entsupport.symantec.com/subscribe.asp
 
 

Attachments

CCER_PW_Utility_295476.zip (104 kBytes)

Supplemental Materials

SourceETrack
Value1188642
Description

Plain text password visible in debug log


Legacy ID



295476


Article URL http://www.symantec.com/docs/TECH56564


Terms of use for this information are found in Legal Notices