ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Encrypt / Decrypt clear text with ESQL

Post new topic  Reply to topic
 Encrypt / Decrypt clear text with ESQL « View previous topic :: View next topic » 
Author Message
madrox
PostPosted: Thu Feb 18, 2016 8:00 am    Post subject: Encrypt / Decrypt clear text with ESQL Reply with quote

Acolyte

Joined: 11 Mar 2015
Posts: 71

Hello Everyone,
I would like to know if it possible to encrypt and decrypt plain text using ESQL in IIB Version: 9.0.0.3
Currently we use a SOAP request node to make a webservice call and we pass a user id and password for authentication. This information is stored in a xml file and I use a file read node to read. We would like to encrypt and decrypt the password and not have it as plain text.

Code:
               <LoginInformation>
                  <ClientId>XYZ</ClientId>
                  <UserID>123</UserID>
                  <RACFId>abcx123</RACFId>
                  <RACFPassword>factys124</RACFPassword>
               </LoginInformation>
Back to top
View user's profile Send private message
mqjeff
PostPosted: Thu Feb 18, 2016 8:19 am    Post subject: Re: Encrypt / Decrypt clear text with ESQL Reply with quote

Grand Master

Joined: 25 Jun 2008
Posts: 17447

madrox wrote:
This information is stored in a xml file and I use a file read node to read.

That's a terrible idea.

All of the functions that ESQL provides natively are documented in the KC.

If you don't find a function that can encrypt/decrypt, you will have to determine a different method to make those functions available.
_________________
chmod -R ugo-wx /
Back to top
View user's profile Send private message
Vitor
PostPosted: Thu Feb 18, 2016 8:30 am    Post subject: Re: Encrypt / Decrypt clear text with ESQL Reply with quote

Grand High Poobah

Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA

madrox wrote:
Currently we use a SOAP request node to make a webservice call and we pass a user id and password for authentication.


That's fair enough.

madrox wrote:
This information is stored in a xml file and I use a file read node to read.


That's not.

Of all the places to store this kind of static information, how did you come up with that? Why not use the inbuilt IIB facilities?
_________________
Honesty is the best policy.
Insanity is the best defence.
Back to top
View user's profile Send private message
madrox
PostPosted: Thu Feb 18, 2016 8:50 am    Post subject: Reply with quote

Acolyte

Joined: 11 Mar 2015
Posts: 71

Well, we do not read this file on every request, sorry i was not clear on that. We read this file and store in cache. If the need arises to change the values on the file we refresh the cache and the file read picks up the changes.
Back to top
View user's profile Send private message
Vitor
PostPosted: Thu Feb 18, 2016 9:11 am    Post subject: Reply with quote

Grand High Poobah

Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA

madrox wrote:
Well, we do not read this file on every request, sorry i was not clear on that. We read this file and store in cache. If the need arises to change the values on the file we refresh the cache and the file read picks up the changes.


I stand by all of my previous comments.
_________________
Honesty is the best policy.
Insanity is the best defence.
Back to top
View user's profile Send private message
fjb_saper
PostPosted: Thu Feb 18, 2016 9:21 am    Post subject: Reply with quote

Grand High Poobah

Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY

O.K. You'll need to give us much more information before we can be of any real help.

  • Are the credentials you seek to encrypt passed in the header or in the payload?
  • Are they being passed in encrypted format or clear text?
  • Where should they be in encrypted format?
  • Is your call made via http or https?


Hope that helps clarify the problem
_________________
MQ & Broker admin
Back to top
View user's profile Send private message Send e-mail
madrox
PostPosted: Thu Feb 18, 2016 9:25 am    Post subject: Reply with quote

Acolyte

Joined: 11 Mar 2015
Posts: 71

fjb_saper wrote:
O.K. You'll need to give us much more information before we can be of any real help.

  • Are the credentials you seek to encrypt passed in the header or in the payload?
  • Are they being passed in encrypted format or clear text?
  • Where should they be in encrypted format?
  • Is your call made via http or https?


Hope that helps clarify the problem


1. The credentials are being passed in the request payload
2. They are being passed as clear text
3. We would like to have the password in the xml file encrypted and decrypted before making the web service request
4. call is made via HTTPS
Back to top
View user's profile Send private message
fjb_saper
PostPosted: Thu Feb 18, 2016 9:33 am    Post subject: Reply with quote

Grand High Poobah

Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY

madrox wrote:

1. The credentials are being passed in the request payload
2. They are being passed as clear text
3. We would like to have the password in the xml file encrypted and decrypted before making the web service request
4. call is made via HTTPS

Now we're talking. You should probably use a DB with an encrypted field for the password. Some DB's do the encryption/decryption automatically for you.

The caching within the flow then is the same as with your xml file.

Otherwise there are some fine encryption and decryption facilities to be used with Java or .NET

Have fun
_________________
MQ & Broker admin
Back to top
View user's profile Send private message Send e-mail
madrox
PostPosted: Thu Feb 18, 2016 9:43 am    Post subject: Reply with quote

Acolyte

Joined: 11 Mar 2015
Posts: 71

madrox wrote:

Otherwise there are some fine encryption and decryption facilities to be used with Java or .NET

But Nothing with ESQL?
I have used a encrypt/decrypt method in Java but wanted to know if there was something similar in ESQL
Back to top
View user's profile Send private message
maurito
PostPosted: Thu Feb 18, 2016 10:42 pm    Post subject: Reply with quote

Partisan

Joined: 17 Apr 2014
Posts: 358

madrox wrote:
madrox wrote:

Otherwise there are some fine encryption and decryption facilities to be used with Java or .NET

But Nothing with ESQL?
I have used a encrypt/decrypt method in Java but wanted to know if there was something similar in ESQL

You can call a Java function/procedure from you ESQL, but I agree with previous comments, use a DB
Back to top
View user's profile Send private message
mqjeff
PostPosted: Fri Feb 19, 2016 7:12 am    Post subject: Reply with quote

Grand Master

Joined: 25 Jun 2008
Posts: 17447

madrox wrote:
1. The credentials are being passed in the request payload
2. They are being passed as clear text



madrox wrote:
3. We would like to have the password in the xml file encrypted and decrypted before making the web service request


Again, all of the ESQL routines and methods and functions and etc. are fully documented. If you haven't seen anything for encrypt/decrypt... well, then there aren't any. You can use Java or .NET, and call those from ESQL (I *believe* you can call .NET these days?)

There used to be a PGP node as a supportPac. Dunno if it still is around or works with modern versions of IIB.

You might be able to use a SecurityPEP node as well.
_________________
chmod -R ugo-wx /
Back to top
View user's profile Send private message
fjb_saper
PostPosted: Fri Feb 19, 2016 7:39 am    Post subject: Reply with quote

Grand High Poobah

Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY

mqjeff wrote:
madrox wrote:
1. The credentials are being passed in the request payload
2. They are being passed as clear text



My guess is this is for an outgoing service call (SOAP Request) using SSL and madrox has no choice in the matter.
_________________
MQ & Broker admin
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Encrypt / Decrypt clear text with ESQL
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
 
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.