When you deploy application in websphere which uses Websphere application server JDBC resources, there are number of different ways for specifying security credentials. The simplest way is mention the user name/password programmatically when creating connection in clear text format. Needless to say this is a bad idea as we hard code these credentials in our application. one better way is create a component-managed authentication alias. This involves creating a mapping from an alias name to the userid and password. This alias name is then specified administratively on the connection factory or data source.
1. Go to websphere admin console
2. Under Security >> Secure administration, applications, and infrastructure >> JAAS >> J2C authentication data
3. Click New
4. Enter alias name
5. Enter Data base user id and password for connecting to database.
6. Click OK.
While creating data source for you application to connect to database, you should mention this alias name. So you can avoid entering clear text username/password while establishing connection in your application code.