Forum Discussion
Vidyak
3 years agoNew Contributor II
SIC Password and API keys are stored in a plain text file
Hi We are evaluating the SIC tool for integration and noticed that API keys and DB passwords are stored unencrypted in plain text files. This is becoming a huge security concern as this way of stor...
- 1 year ago
Hello mithun_laha ,
Can you provide a brief example of what calls you're making in your code? Is it the remote BR that is returning this failure?
- 1 year ago
Hey mithun_laha ,
Did u set up WinSCP to connect to the SFTP server on the client environment where the SFTP server can be accessed remotely on the OS Cloud App?
you might have created a Direct Connection with your SFTP details like port number and host name to access the Smart Integration Connecter page. (System Pane)
u are using the Smart integration function to get stored information like SFTP password, user name, etc.
using the ApiLibrary.GetSmartIntegrationConfigValue("Key as String to get the password value").
and u are using a BRApi.Utilities.ExecRemoteGatewayBusinessRule to retrieve the results.
As per my understanding,A database connection additionally with the Direct connection needs to setup to connect OS Cloud app Client Environment.If you notice and try to compile your smart integration function. it will ask for a database gateway connection to compile your code.
In your
BRApi.Utilities.ExecRemoteGatewayBusinessRule function u need to mention the database connection name as the remotehostname to get details from the direct connection on the remote client environment.
Dim remoteResults As RemoteRequestResultDto = BRApi.Utilities.ExecRemoteGatewayBusinessRule(si,smartintegrationBRName,Nothing,database connection gateway name, function name in Smart integration Function BR name,String.Empty,False,600)
If you have followed these steps and still facing an issue please check by hardcoding the credentials in the WinSCP session in your extensibility rules to check your connection. (I hope u have used the WinSCP.dll in the referenced assemblies). OR if you have issues connecting with the Smart integration function please check the SIC logs.
I am not an expert at this but I have connected to Amazon S3 using a direct connection before. a similar approach should work here.
Nikpowar97
3 years agoContributor
NOTE: The solution below is as per my understanding and knowledge trough documentations provided. The information may not be 100% correct. So, please reach out to OS if needed.
I think the credentials can be stored inside the SIC local gateway settings as a key value pair. The setting name(key) can be passed in a Smart Integration functions (OS version 7.4.1) BR and to retrieve the setting value(value).
Let's same setting name = Password
Setting value = "Password@123"
Smart Integration Functions ( Applications> Tools>Business Rules> Smart Integration function)
(Compile the BR by choosing the gateway) - SIC guide has similar rule in C#
Imports System
Imports System.Collections.Generic
Imports System.Data
Imports System.Data.Common
Imports System.Globalization
Imports System.IO
Imports System.Linq
Namespace OneStream.BusinessRule.SmartIntegrationFunction.GetPassword
Public Class MainClass
Public Shared Function RunOperation() As String
Dim password As String = OneStreamgatewayservice.APIlibrary.getsmartintegrationconfigvalue("Password")
Return password
End Function
End Class
End Namespace
Once this is done the same function can be called inside any BR (Example a connecter rule to password in the Uri of API endpoint ) using newly introduced Remote Brapis.
Here in case highlighed in blue:
Dim objRemoteRequestResultDto As RemoteRequestResultDto = BRApi.Utilities.ExecRemoteGatewayBusinessRule(si, brName, functionArguments, remoteHost, functionName)
Pass the Smart integration function here and rest of the code can be reference through the SIC guide.
However, I think the password can still be error-logged. (Just a conjecture).
Alternatively we can store password in a Transformations lookup and restrict access to specific user group.
the same can be retrieved using,
Dim sValue As String = BRApi.Utilities.TransformText(si, sourceText, transformationLookupGroup, usePassThroughIfLookupNotFound)
or Use Brapi.Utilities.EncryptText (please check the exact Package) to encrypt. Log it using Brapi.Errorlog.logmessage to get the encrypted text. use t Brapi.Utilities.DecryptText to pass the encrypted text.
Related Content
- 1 year ago
- 2 years ago
- 2 years ago
- 2 years ago