If you are using SE 5.x or newer:
The username and password for the servletexec admin webapp were entered during the installation process (the installer asks you for them). So the values should be whatever was entered by the person who peformed the installation.
To learn the username and to clear the password so that you can access the servletexec admin webapp, peform the following steps:
Stop ServletExec using the StopServletExec.bat/.sh file.
...\ServletExecData\security.xml in a plain text editor and locate:
Where <username> will be the username, and <encrypted-password> is the encrypted password. Remove the:
node from the file, save the change, and then restart SE. You should then be able to access the ServletExec admin webapp using only the username (no password).
Once you are in, you can then use the admin UI to set a password for that user.
If you are using SE 4.x or older:
You can do this by renaming the servers.properties file which resides in the ServletExec Data directory (you'd rename it to a "Backup" name such as
servers.properties.BACKUP for example) and then re-initializing ServletExec (which will cause a new
servers.properties file to be created by SE). This file also contains your license key and virtual server configuration data, so you will need to re-enter this data after re-initializing ServletExec.
Note: In either case, the password should consist only of alphanumeric characters (i.e. letters and numbers). Do not use other characters such as underscores, dots, exclamation points, at-symbols, etc. since those characters are not covered by SE's encryption/decryption algorithm. Using them will cause you to receive "Invalid username or password" errors when attempting to login to the Admin UI.
Note: In 1 case the above solutions did not work for a customer. The reason was that they had a setting enabled in their Internet Explorer browser that was causing the browser to NOT send any request parameters to the server. This was causing the j_username and j_password request parameters to NOT be sent to SE when posting the login form and so SE could not authenticate the user. To confirm whether or not this is what's occuring in your case, stop SE and view the ServletExec.log file using a plain text editor. If this is the issue you would see an Error message there stating that the j_security_check request lacked the j_username and j_password parameters. The setting in IE was tools - internet options - content tab - Content Advisor.
The customer's content advisor was enabled. They disabled it, restarted IE and the problem went away.