- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
How to handle user password information in JSL ( ODBC connection strings )
I am connecting to a database using ODBC, which has a specific user and password created for that purpose (not possible to use windows Active Directory, or other).
When the query is built, the table script stores the user ID.
Password is asked but it can also be coded directly into the connecting string in JSL.
What are the best options to handle such situations in JSL?
JMP files may be shared but updates should ask for specific user and password when executed for the first time.
When the query is built, the table script stores the user ID.
Password is asked but it can also be coded directly into the connecting string in JSL.
What are the best options to handle such situations in JSL?
JMP files may be shared but updates should ask for specific user and password when executed for the first time.
11 REPLIES 11
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
Re: How to handle user password information in JSL ( ODBC connection strings )
This is part of why I like using the windows credential store: the password just is not available to other users. Storing the code or files containing those credentials in a place only accessible by select people might have a similar effect.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
Re: How to handle user password information in JSL ( ODBC connection strings )
How about this:
use Windows AD rights to control the database access:
- generate a script to access the database - including the access rights for the database
- encrypt the file in JMP such that no user can see the password in plain text
- inside the script, try to access a file on a network share with AD access rights
if a user is allowed to access the file, he can use the database access.
for a user without access rights, the script will just show the error message
queryDB = Function( {SQLString},
pwd = Load Text File( "network path with AD rights" );
If( pwd = "my secret password",
result = New SQL Query(
Connection( "ODBC:DSN=database;PWD=xxx" ),
QueryName( "new" ),
CustomSQL( SQLString )
),
Caption( "no access rights" )
)
)
This post originally written in German and has been translated for your convenience. When you reply, it will also be translated back to German.
- « Previous
-
- 1
- 2
- Next »