Skip to end of metadata
Go to start of metadata

Diagram

Elements

CredentialStoreFragment
References Notes

This element includes the parameters for access to a secure store with credentials for file transfer operations.

If you want to store secure access data, i.e. account, password, SSH key, database connection strings, in an encrypted database, then configure access to a CredentialStore accordingly.

A CredentialStore is a KeePass database that stores secure access data. Such credentials can be referenced from YADE configuration items instead of being exposed in plain text.

Any number of CredentialStores can be configured. They are distinguished by their name attribute. References to a CredentialStore use the value of the name attribute to identify the respective CredentialStore.

Use by configuration items

Credentials can be referenced from a CredentialStore by the following configuration items:

Any number of credential store fragments can be configured and are distinguished by YADE according to their name attribute.

A fragment is referenced by a transfer Profile using the value of the CredentialStoreFragmentRef ref attribute.

Support for KeePass versions 1 and 2.

Note: Availability starting with YADE-464.

Referencing CredentialStore fields.

Note: Availability starting with YADE-481.

Referencing a field in the CredentialStore is effected by the following syntax:

        cs://[entry_path]@entry_field

where

  • cs://         is a constant prefix that is used by YADE to identify this setting to be a reference to a CredentialStore.
  • entry_path      specifies the path to an entry within the CredentialStore database. Folders (groups) within a path are separated by a slash "/". This setting is optional. If ommitted then the value of the CSEntryPath configuration item is used.
  • entry_field          is one of the standard fields available in a CredentialStore:
    • title
    • user
    • password
    • url
    • notes
    • attachment
    or the custom fields.

<Hostname> element:

  • Usage like the examples below.
  • If the entry field value is defined with host:port, YADE sets the <Hostname> and <Port> automatically.

Examples

  • Examples for fully specified entry path:
    • <Domain>, <Hostname>, <Account>, <Password>, <Passphrase> elements:
      • cs://sos/mft_server/srv001@title
      • cs://sos/mft_server/srv001@user
      • cs://sos/mft_server/srv001@password
      • cs://sos/mft_server/srv001@url
      • cs://sos/mft_server/srv001@notes
      • cs://sos/mft_server/srv001@my_custom_field
    • <AuthenticationFile> element:
      • cs://sos/mft_server/srv001@attachment - the first attachment
      • cs://sos/mft_server/srv001@my_custom_field - a specified attachment
  • Examples without fully specified entry path:
    • <Domain>, <Hostname>, <Account>, <Password>, <Passphrase> elements:
      • cs://@title
      • cs://@user
      • cs://@password
      • cs://@url
      • cs://@notes
      • cs://@my_custom_field
    • <AuthenticationFile> element:
      • cs://@attachment - the first attachment
      • cs://@my_custom_field - a specified attachment
name

This attribute identifies the current fragment. Any number of fragments can be used and are distinguished by YADE based on their name.

A fragment is referenced via this attribute value by a transfer profile.

Element Type Required Description
Attribute: name NMTOKEN
Required

This attribute identifies the current fragment. Any number of fragments can be used and are distinguished by YADE based on their name.

A fragment is referenced via this attribute value by a transfer profile.

CSFile string
  • Min: 1
  • Whitespace: preserve
  • Occurrence: 1
Required
References Notes

The path and name of the KeePassX database file with the file extension .kdb that is used as a Credential Store database.

CSAuthentication
  • Occurrence: 1
Required
References Notes

A Credential Store can be accessed using a private key or using a password or a combination of both.

PasswordAuthentication
  • Occurrence: 1
Required

A Credential Store can be accessed using a private key or using a password or a combination of both.

KeyFileAuthentication
  • Occurrence: 1
Required

A Credential Store can be accessed using a private key or using a password or a combination of both.

CSEntryPath string
  • Min: 1
  • Whitespace: preserve
  • Occurrence: 0..1
Optional
References Notes

This parameter specifies the path to an entry inside the Credential Store database.

CSExportAttachment
  • Occurrence: 0..1
Optional
References Notes

At run-time YADE can export the file included with the attachment field of a Credential Store database to the local file system.

CSExportedFile string
  • Min: 1
  • Whitespace: preserve
  • Occurrence: 1
Required

Development status: not implemented

At run-time YADE can export the file included with the attachment field of a Credential Store database to the local file system.

To use the exported file during a file transfer operation YADE has to know the location of the attached file in the local file system. Use this parameter to specify the path of exported file in the local file system.

CSKeepExportedFileOnExit boolean
  • Whitespace: collapse
  • Occurrence: 0..1
Optional

Development status: not implemented

At run-time YADE can export the file included with the attachment field of a Credential Store database to the local file system.

With the file transfer operation being completed and irrespective of the operation's status YADE will by default delete this file. In special cases, e.g. for debuging, if you want YADE not to delete the file then use this parameter.

CSOverwriteExportedFile boolean
  • Whitespace: collapse
  • Occurrence: 0..1
Optional

Development status: not implemented

At run-time YADE can export the file included with the attachment field of the Credential Store database to the local file system.

For example if the attached file is an SSH key and YADE wants to use the key file for file transfer operations then YADE will export the attached file to a predefined directory, i.e. $HOME/.ssh. To avoid any unwanted overwriting of existing files in the $HOME/.ssh folder use this parameter.

CSPermissionsForExportedFile string
  • Min: 1
  • Whitespace: preserve
  • Occurrence: 0..1
Optional

Development status: not implemented

At run-time YADE can export the file included with the attachment field of the Credential Store database to the local file system.

For example if the attached file is an SSH key and YADE wants to use the key file for file transfer operations then YADE will export the attached file to a predefined directory, i.e. $HOME/.ssh, and the key file will require specific permissions.

CSStoreType string
  • Whitespace: preserve
  • Enumeration:
    • KeePassX
  • Occurrence: 0..1
Optional
References Notes

A Credential Store can be implemented by different products.

At the time of writing only "KeePassX" as a Credential Store database is supported and only KeePassX as valid parameter value is permitted.

  • No labels
Write a comment…