Introduction

Users frequently ask if JS7 can encrypt credentials. The answer is "no" as it makes no sense to handle a symmetric key that is in reach of the component that makes use of it. Encrypted passwords correspond to the "key under the mat" - they do not provide additional security. However, they contribute perfectly to "security by obfuscation".

There is only one way to securely handle passwords: not to use passwords.

If the use of passwords is required, then consider using a Credential Store. In addition, check if alternative authentication mechanisms such as Integrated Security can be applied.

Credential Store

JS7 supports use of a Credential Store:

JS7 - Credential Store
- JS7 - Use of Credential Store with Shell Jobs
- JS7 - Use of Credential Store with JITL Jobs

Integrated Security

Integrated Security is an authentication scheme based on the fact that the account which a component is operated for is already authenticated by the OS and therefore can access a database without specifying user/password credentials.

This feature is available for a number of DBMS such as:

Microsoft SQL Server®, see the JS7 - How to connect to an SQL Server database without using passwords article.
Oracle® including support for Oracle® Wallet, see the JS7 - How to make JOC Cockpit connect to an Oracle database using Wallet® article.

Space shortcuts

Page tree

Introduction

Credential Store

Integrated Security

Space shortcuts

Page tree

JS7 - How to encrypt passwords for access to a database by a job

Introduction

Credential Store

Integrated Security