It's all about the answers!

Ask a question

How to implement / handle hidden values like passwords in RTC attribute customization?


anup Gaur (1392444) | asked Oct 07 '15, 8:02 a.m.
 Using RTC Java API, I have written extensions to send custom email notifications. The email server requires Authentication username and Password to send an email. I am able to do so, using Javax email api. The problem is that the username and password are currently stored in an attribute as plain text. The value is set by default values. This is only for testing purpose. Moving from here 
1) Can we have an attribute of type Password so that we can keep the password stored in the schema?
2) Is there a way to access the email configuration of the JTS server so that we can use the central configuration?
3) Can we use passwords stored in files, use encryption algorithm to access and save it when changed.

Any ideas and suggestions will help me.

Thank you.

Accepted answer


permanent link
sam detweiler (12.5k6195201) | answered Oct 07 '15, 8:24 a.m.
Yes, the RTC api provides a mechanism to create and use an encrypted password.

import com.ibm.team.repository.common.util.ObfuscationHelper

        try
        {
            // decrypt the user password, if encrypted
            password = ObfuscationHelper.decryptString(password);
        }
        catch(Exception ex)
        {
            // nothin to do, variable not overlayed on error
        }
and

encrypted_password = ObfuscationHelper.encryptString(password);
anup Gaur selected this answer as the correct answer

Comments
anup Gaur commented Oct 07 '15, 1:22 p.m.

 Hi Sam,


Thanks for the answer, specially for that piece of code.

will use it and let you know.

One other answer



permanent link
sam detweiler (12.5k6195201) | answered Oct 07 '15, 1:28 p.m.
actually, here is the encrypter utility source

package com.sd.tools;

import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;

import com.ibm.team.repository.common.util.ObfuscationHelper;

public class EncodePassword
{

    /**
     * @param args
     */
    public static void main(String[] args)
    {
        // TODO Auto-generated method stub
        if(args.length==1)
        {
            try
            {
                String enpw = ObfuscationHelper.encryptString(args[0]);
                // you would use this output in any password file
                System.out.println(enpw);
               
                // here is how you would decrypt it for use in your application.
                // you could get this string from the commandline, or a file,
                // or a properties file (pw= string)
                System.out.println("pw="+ObfuscationHelper.decryptString(enpw));
            }
            catch (UnsupportedEncodingException e)
            {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }
            catch (GeneralSecurityException e)
            {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }
        }
        else
            System.out.println("need password string");

    }

}

Comments
anup Gaur commented Oct 07 '15, 4:15 p.m.

 Thanks a lot!!!


Your answer


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.