Welcome Guest! Log in
Stambia versions 2.x, 3.x, S17, S18, S19 and S20 are reaching End of Support January, 15th, 2024. Please consider upgrading to the supported Semarchy xDI versions. See Global Policy Support and the Semarchy Documentation.

The Stambia User Community is moving to Semarchy! All the applicable resources have already been moved or are currently being moved to their new location. Read more…


A great number of technologies require a password-based authentication: database connections, file transfer protocols (FTP, SFTP, SCP), email servers, SSH servers, web services, etc.

This article provides information about how to handle passwords in the Stambia DI solution.

Do not store clear passwords in variables

Variable values can be consulted in the Session's logs, so it is not recommended to store clear password in variables.

There are many practical and secure ways do define passwords in Stambia DI, depending on the context.

Consider using a Metadata

Most technologies which can be manipulated in Stambia DI, have their own Metadata model.

It is generally a good idea to define authentication parameters (user and password) in a Metadata:

  • Stambia DI will store them in a specific encrypted format
  • Multiple Configurations can be defined with the credentials for each environment (dev, test, production...)
  • At deployment time, these Metadata parameters can be redefined easily and securely

Note: if you cannot find the right Metadata for your technology, please contact the Support team.

When developing processes, simply drag and drop your Metadata on the desired Action. The Action will inherit the credentials from the Metadata.

Encrypt passwords

When you need to pass a password as a parameter to an action or a delivery, always use the encrypted value.

Use the Runtime command encrypt <clearpassword> to get the encrypted value:

> encrypt mypassword
456BF3056AE033C26DDBE5D4746AE78B

This value can be used in the "Encrypted Password" parameters of the action which requires it.

It can also be used in the Runtime's properties, when defining Log database credentials or Runtime security parameters.

 

Articles

Suggest a new Article!