| Author |
Message
|
| krypton |
 Posted: Fri Jun 18, 2010 9:00 pm Post subject: Handling WebService Authorization in HTTPRequest node |
 |
|
Disciple
Joined: 14 Mar 2010
Posts: 186
|
we were trying to call a web service using HTTPRequest Node , but it is failing because of authorization error. What we did is insert a compute node before HTTPRequest node and added a Authorization esql statement
| Quote: |
| SET OutputRoot.HTTPInputHeader."Authorization" = 'Basic '||b64Encode(CAST('VR7051_PlaneAPIapoll'||':'||'Password123' as BLOB CCSID InputRoot.Properties.CodedCharSetId)); |
It did solve the problem and we are able to connect sucessfully, but if you see we need to specify the password openly in our ESQL code, which we *can not* do when we move to Production environment.
Now I am looking for any possibility in Message Broker to hide/encrypt the password so that nobody would be able to see the same and our code pass through Production Audit with flying colors ..a
Please help.
Cheers
_________________
Dreams are not something which you watch when you are asleep,it is something which doesn't let you sleep. |
|
| Back to top |
|
 |
| smdavies99 |
| Posted: Fri Jun 18, 2010 10:42 pm Post subject: |
|
|
Jedi Council
Joined: 10 Feb 2003
Posts: 6076
Location: Somewhere over the Rainbow this side of Never-never land.
|
look at using a configurable service to holde the username/password. This way the developer does not have to know any 'sensitive' info and there is nothing hard coded in your flows.
_________________
WMQ User since 1999
MQSI/WBI/WMB/'Thingy' User since 2002
Linux user since 1995
Every time you reinvent the wheel the more square it gets (anon). If in doubt think and investigate before you ask silly questions. |
|
| Back to top |
|
|
| krypton |
| Posted: Fri Jun 18, 2010 11:22 pm Post subject: |
|
|
Disciple
Joined: 14 Mar 2010
Posts: 186
|
| Quote: |
| look at using a configurable service to holde the username/password. This way the developer does not have to know any 'sensitive' info and there is nothing hard coded in your flows. |
would that password will be encrypted ? I am worrying if the password would still be in the same form "Password123", then I can not get infrastructure team to configure it in PROD server as they would definitely object to it.
even if I convince Infra team for the same do we have any such configurable service? and How esql code is going to read from it(let me search the documentation for the same)
_________________
Dreams are not something which you watch when you are asleep,it is something which doesn't let you sleep. |
|
| Back to top |
|
|
| smdavies99 |
| Posted: Sat Jun 19, 2010 12:26 am Post subject: |
|
|
Jedi Council
Joined: 10 Feb 2003
Posts: 6076
Location: Somewhere over the Rainbow this side of Never-never land.
|
the password is not stored in Clear. So you are ok there.
you don't use the username/password in ESQL. The HTTP node (like other nodes eg FileOUtput/FTP, SAP etc) picks up the Username/password from the service definition which is configured into the node.
I suggest you take the time to read up on Configurable Services and then do a little experimentation. The FileOutput node when used as an FTP client is an easy thing to test this out on. Surely you have a system somewhere in the interwebs that has FTP access?
_________________
WMQ User since 1999
MQSI/WBI/WMB/'Thingy' User since 2002
Linux user since 1995
Every time you reinvent the wheel the more square it gets (anon). If in doubt think and investigate before you ask silly questions. |
|
| Back to top |
|
|
| krypton |
| Posted: Sat Jun 19, 2010 1:04 am Post subject: |
|
|
Disciple
Joined: 14 Mar 2010
Posts: 186
|
smdavies99 wrote:
| Quote: |
you don't use the username/password in ESQL. The HTTP node (like other nodes eg FileOUtput/FTP, SAP etc) picks up the Username/password from the service definition which is configured into the node. |
Thanks, but there seems to be no such properties in HTTPRequest node, only solution seems here is to use Compute Node before HTTPRequest node to set HTTPInput header. Now, the problem that it brings is how to access the configurable service from esql(sorry, i can't find anything in the documentation regarding this). |
|
| Back to top |
|
|
|
|
