Solved: Re: How to handle user password information in JSL ( ODBC connection strings ) - Page 2

FN · Jun 9, 2023 9:09 AM

I am connecting to a database using ODBC, which has a specific user and password created for that purpose (not possible to use windows Active Directory, or other).

When the query is built, the table script stores the user ID.

Password is asked but it can also be coded directly into the connecting string in JSL.

What are the best options to handle such situations in JSL?

JMP files may be shared but updates should ask for specific user and password when executed for the first time.

ih · Oct 6, 2023 12:41 PM

This is part of why I like using the windows credential store: the password just is not available to other users. Storing the code or files containing those credentials in a place only accessible by select people might have a similar effect.

hogi · Apr 19, 2024 08:09 AM

How about this:

use Windows AD rights to control the database access:

generate a script to access the database - including the access rights for the database
encrypt the file in JMP such that no user can see the password in plain text
inside the script, try to access a file on a network share with AD access rights
if a user is allowed to access the file, he can use the database access.
for a user without access rights, the script will just show the error message

queryDB = Function( {SQLString},
	pwd = Load Text File( "network path with AD rights" );
	If( pwd = "my secret password",
		result = New SQL Query(
			Connection( "ODBC:DSN=database;PWD=xxx" ),
			QueryName( "new" ),
			CustomSQL( SQLString )
		),
		Caption( "no access rights" )
	)	
)