Question

Pass password, get plaintext

  • 6 October 2015
  • 5 replies
  • 14 views
B
Badge
Hi,

 

 

I use the readerprompt widget [1] and pass all parameters to my reader using RUNTIME_MACROS (as described in the link). One of the returned values is a password (GUI type: password [2]), like:

 

 

"RUNTIME_MACROS,...<comma>USERNAME<comma>bob<comma>PASSWORD<comma>fme_decrypt<openparen>MDowfCN8I3xcG3GQ<solidus>TeRRUJUZ5LDPtdvpscbh7Nj9gG<solidus>INBkAGA+fkaDrNbhZtfa3rmkUUrCxKWaAFwiYsKgWJNl<solidus>0mRpxUuP+IT2c+Qhh26JEZtUWAmpuoaQCdQ3ykKWm2zaoAM5MBCGaGEuYe+6AS07<solidus>nLNRJwqp1jdwP1FgVCbXRvZtWfKjEZlNJYQ+EicVc6cv2DxCYJyTljvXwF8mKxenML6FKJiHARQCO8OMJidKKZQJP1SeYIhqB0YrtGw4cGV2ZquQKifvRjB2Tl6wBAWDmeCg+R1jvft1tR17SISyTDv77K+mV80w2aaUSgybbF7coM0BrQPcpehfjlW+YxV73+9mPMFXKQeznZ22T8MJor57O44p8U2NQCw35HiFBs0oVP9VkkY0D<solidus>WzGRevseyX1pIEWJSQSFwkJVhiyXavMDz5E5SEYgTZHfVeGBXCDuIEEbfRRkPU5yD2nw2ZAVimDRD7UQhEEY6PosGqU17He4y35WEfAggQ40+EKuupOQSZRsKotTTqlYGHJtX49ymuKqfyZzOAUSUzDMcj8gfDgzOCcuhw2sK3fJaMsz9ZV9+y<solidus>Vf7hyk9rwq4f3aoyrwX7P<solidus>Hp65YhE5rOxzPLjSh1i2S9mZLDBE5c3czZRpJB4rJsC8kl4zQ96C63rTh4NziSj8cEBK+AJpcwnvdQwVUQ1UYJiXWKb5weIFYW4O5a4+xBilEYr8wu1Z6sc8CVeiToCUH+0q4TzMs+OpBj1jaPlqxZ7McVC6K62uafWtXgUCUudmT8ELma9MZhyYiO59w6FvDztQBokoFD2ZIxITBZonuWecxIXcQXzjv+sSCpuV2TaqJBdRm4wmo07qgKwOtzG3b<solidus>GvDfQTfePDtsd0GxWk85fxFcdxZlVpv32D0Mi2FTeHu1MOTgbj7PrqTwvWBUXrNNO<closeparen><comma>..."

 

 

Of course, I need the plaintext. How can I get the plaintext?

 

 

Thanks

 

ben

 

 

[1] http://docs.safe.com/fme/html/FME_GuiType/doc_pages/readerprompt.txt

 

[2] http://docs.safe.com/fme/html/FME_GuiType/doc_pages/password.txt

5 replies

david_r
Rank
Userlevel 4
Hi

 

 

I searched around a bit and I couldn't find anything either. I suspect that Safe does not want to expose the "fme_decrypt" function since it would go against the very idea of encrypting the passwords in the first place.

 

 

David

 

 
B
Badge
Thanks for answering.

 

 

Can I set the password as a publish parameter? Then, my reader could read it from there.

 

I heard about TCL and scripted parameters, but I am not sure if that can help me in this scenario.
david_r
Rank
Userlevel 4
Sure, you can define a published parameter of type text that you link to the database password parameter.

 

 

You probably do not need to use any TCL or scripted parameters for this.

 

 

David
G
Badge

Security Issue (for me)

If you want to decrypt the password, it's very simple.

  • Create a private parameter with your password
  • AttributeSetter: create a new attribute and set the value with your private parameter
  • Logger

Your password is decrypted

G
Badge

Security Issue (for me)

If you want to decrypt the password, it's very simple.

  • Create a private parameter with your password
  • AttributeSetter: create a new attribute and set the value with your private parameter
  • Logger

Your password is decrypted

FME Desktop 2016

 

 

Reply


Community Stats

28,711
Posts
109,487
Replies
36,559
Members
Terms & ConditionsCookie settings
A product of
Safe Software respectfully acknowledges that we live, learn and work on the traditional and unceded territories of the Kwantlen, Katzie, and Semiahmoo First Nations.