cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Check out the JMP® Marketplace featured Capability Explorer add-in
Choose Language Hide Translation Bar
FN
FN
Level VI

How to handle user password information in JSL ( ODBC connection strings )

I am connecting to a database using ODBC, which has a specific user and password created for that purpose (not possible to use windows Active Directory, or other).

When the query is built, the table script stores the user ID.

Password is asked but it can also be coded directly into the connecting string in JSL.

What are the best options to handle such situations in JSL?

JMP files may be shared but updates should ask for specific user and password when executed for the first time.
11 REPLIES 11
ih
Super User (Alumni) ih
Super User (Alumni)

Re: How to handle user password information in JSL ( ODBC connection strings )

This is part of why I like using the windows credential store: the password just is not available to other users.  Storing the code or files containing those credentials in a place only accessible by select people might have a similar effect.

hogi
Level XII

Re: How to handle user password information in JSL ( ODBC connection strings )

How about this:

use Windows AD rights to control the database access:

  • generate a script to access the database - including the access rights for the database
  • encrypt the file in JMP such that no user can see the password in plain text
  • inside the script, try to access a file on a network share with AD access rights
    if a user is allowed to access the file, he can use the database access.
    for a user without access rights, the script will just show the error message

queryDB = Function( {SQLString},
	pwd = Load Text File( "network path with AD rights" );
	If( pwd = "my secret password",
		result = New SQL Query(
			Connection( "ODBC:DSN=database;PWD=xxx" ),
			QueryName( "new" ),
			CustomSQL( SQLString )
		),
		Caption( "no access rights" )
	)	
)