On 1/25/2012 5:38 PM, jkelly wrote:

i'm publishing to RAM using the ant tasks from within a jazz build
engine. the build engine allows to to save the RTC password in a
password file, but it seems like i have to pass the ram
userid/password in the clear - is it possible somehow to obfuscate
the ram password ?? ideally i'd like to be able to use the same
password in the RTC passwordFile

What makes you think it is in the clear? The ANT task requires the

userid and password but you would read these from your local password
file that is only accessible to the ANT process. Also make sure you use
HTTPS for your server connections. In that case the password is
protected when passed to the server. It is only in the "clear" inside
the ANT process itself and nowhere else.

--
Rich Kulp
Rational Asset Manager developer

What I meant by "in the clear" is that a properties file is in a readable format, so can be inspected by anyone who has access to the build machine (few, but typically more than should know the password). Ideally ram:server would have a passwordFile attribute, so the whole end-to-end process could be consistently secure.

So all I was saying was I consider the RAM/Ant task method to be less secure than the facilities provided by RTC/Ant tasks. compare

<startBuildActivity activityIdProperty="${actId}" label="${actId}" buildResultUUID="${buildResultUUID}" repositoryAddress="${repositoryAddress}" autocomplete="true" userId="${userId}" passwordFile="${passwordFile}" />

with

<ram:server id="ramServer" username="${ram.user.id}" password="${ram.user.passwd}" url="${ram.url}" />

----------------------

It was in this context where i was looking for a solution which didn't mean leaving passwords in clear text on the build machine.

regards
John

Just an FYI in case others are also looking for more info on using ANT with RAM. I did a Youtube video tutorial series on this topic. http://rationalassetmanager.wordpress.com/2009/10/15/scripts-to-automate-asset-use-and-creation/

Carlos

Systems and Software Engineering Jumpstart

Hi Carlos - Thanks for the link... wish I'd had that some days ago :-)

As it happens i've also written a blog entry on this "Simplifying publication to Rational Asset Manager using Ant's macrodef"
https://www.ibm.com/developerworks/mydeveloperworks/blogs/greenelk/entry/simplifying_publication_to_rational_asset_manager_using_ant_s_macrodef?lang=en

I assume the you can dynamically provide a "decryption" password to decrypt the properties files with the various passwords on them.

Consider http://www.jasypt.org/encrypting-configuration.html

There are many way to incorporate this in Ant e.g., the last append here: http://stackoverflow.com/questions/3423135/how-to-use-encrypted-password-in-apache-basicdatasource

thanks for that. In fact i ended up writing my own ant tasks to solve this