Skip to main content
Solved

For scheduled jobs, how does FME Server store published parameters that are passwords?

J

I can't find anything in the documentation about how how FME Server stores published parameters in scheduled jobs.

Are published parameters that are passwords encrypted? Or does FME server store these parameters as clear text behind the password dots?

See the screenshot below that shows exactly what I'm talking about:

Best answer by david_r

The password is stored encrypted in the FME Server database (table public.fme_parameter), e.x.

fme_decrypt(MDowfCN8I3xcG3GQ/TeRRUJUZ5LDPtdvpscbh7Nj9gG/INBkAGA+fkaDrNbhZtfa3rmkUUrCxKWaAFwiYsKgWJNl/0mRpxUuP+IT2c+Qhh26JEZtUWAmpuoaQCdQ3ykKWm2zaoAM5MBCGaGEuYe+6AS07/nLNRJwqp1jdwP1FgVCbXRvZtWfKjEZlNJYQ+EicVc6cv2DxCYJyTljvXwF8mKxenML6FKJiHARQCO8OMJidKKZQJP1SeYIhqB0YrtGw4cGV2ZquQKifvRjB2Tl6wBAWDmeCg+R1jvft1tR17SISyTDv77K+mV80w2aaUSgybbF7coM0BrQPcpehfjlW+YxV73+9mPMFXKQeznZ22T8MJor57O44p8U2NQCw35HiFBs0oVP9VkkY0D/WzGRevseyX1pIEWJSQSFwkJVhiyXavMDz5E5SEYgTZHfVeGBXCDuIEEbfRRkPU5yD2nw2ZAVimDRD7UQhEEY6PosGqU17He4y35WEfAggQ40+EKuupOQSZRsKotTTqlYGHJtX49ymuKqfyZzOAUSUzDMcj8gfDgzOCcuhw2sK3fJaMsz22JHqH//Hb7YLFyrCiktlbnAWXk/X40A24Sy3Kr0attBFqjEJvxgQW6PsJ9agOATMfKC9CnCBUGta9QcAUUkcnBZ3adyag5MXzUs7AkppruMc7DeGCbaT+rejMbUGGmrrvQjzf742XT5CBWKOeaCWojfAFmXvbBZtVLkWHTgFehRKSwwxIyzJHl/qhrQJu4jOEMIFsFAIPPbcKiGQS+GYJc2WYHCMZxwFDPGusQ+ECPfhcDpiW79MibLuzN5u/v5EEwEVi0iOf8jUt/ZykX+oQjJU58I5Y/LiX9lO21LJIrfv/xKDI3V0Sg3nKHgmX4xvH9wvqBuSvB9yBcIZwbCwWdwPI2aymmg)

I have no idea how secure it is since the algorithm used isn't public knowledge.

If you need better security I highly recommend you look into named database connections rather than using parameters:

https://docs.safe.com/fme/html/FME_Desktop_Documentation/FME_Workbench/!NamedConnections/Using_Database_Connections.htm

View original
Did this help you find an answer to your question?

2 replies

david_r
Evangelist
  • david_rEvangelist
  • Best Answer
  • February 2, 2017

The password is stored encrypted in the FME Server database (table public.fme_parameter), e.x.

fme_decrypt(MDowfCN8I3xcG3GQ/TeRRUJUZ5LDPtdvpscbh7Nj9gG/INBkAGA+fkaDrNbhZtfa3rmkUUrCxKWaAFwiYsKgWJNl/0mRpxUuP+IT2c+Qhh26JEZtUWAmpuoaQCdQ3ykKWm2zaoAM5MBCGaGEuYe+6AS07/nLNRJwqp1jdwP1FgVCbXRvZtWfKjEZlNJYQ+EicVc6cv2DxCYJyTljvXwF8mKxenML6FKJiHARQCO8OMJidKKZQJP1SeYIhqB0YrtGw4cGV2ZquQKifvRjB2Tl6wBAWDmeCg+R1jvft1tR17SISyTDv77K+mV80w2aaUSgybbF7coM0BrQPcpehfjlW+YxV73+9mPMFXKQeznZ22T8MJor57O44p8U2NQCw35HiFBs0oVP9VkkY0D/WzGRevseyX1pIEWJSQSFwkJVhiyXavMDz5E5SEYgTZHfVeGBXCDuIEEbfRRkPU5yD2nw2ZAVimDRD7UQhEEY6PosGqU17He4y35WEfAggQ40+EKuupOQSZRsKotTTqlYGHJtX49ymuKqfyZzOAUSUzDMcj8gfDgzOCcuhw2sK3fJaMsz22JHqH//Hb7YLFyrCiktlbnAWXk/X40A24Sy3Kr0attBFqjEJvxgQW6PsJ9agOATMfKC9CnCBUGta9QcAUUkcnBZ3adyag5MXzUs7AkppruMc7DeGCbaT+rejMbUGGmrrvQjzf742XT5CBWKOeaCWojfAFmXvbBZtVLkWHTgFehRKSwwxIyzJHl/qhrQJu4jOEMIFsFAIPPbcKiGQS+GYJc2WYHCMZxwFDPGusQ+ECPfhcDpiW79MibLuzN5u/v5EEwEVi0iOf8jUt/ZykX+oQjJU58I5Y/LiX9lO21LJIrfv/xKDI3V0Sg3nKHgmX4xvH9wvqBuSvB9yBcIZwbCwWdwPI2aymmg)

I have no idea how secure it is since the algorithm used isn't public knowledge.

If you need better security I highly recommend you look into named database connections rather than using parameters:

https://docs.safe.com/fme/html/FME_Desktop_Documentation/FME_Workbench/!NamedConnections/Using_Database_Connections.htm

J
Forum|alt.badge.img

You can also look at using a shell script to pass in passwords and that way it is not hardcoded into the workspace. We used this method with FME Server 2014 ok.

Reply


Helpful Members This Week

Community Stats

30,940
Posts
117,251
Replies
38,742
Members

Latest FME

Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings
A product of
Safe Software respectfully acknowledges that we live, learn and work on the traditional and unceded territories of the Kwantlen, Katzie, and Semiahmoo First Nations.