KBEC-00165 - Passing credential parameters to runProcedure

Summary

You call runProcedure with ordinary parameters as

my $xPath = $ec->runProcedure("$[/myProject/projectName]",    { 'procedureName' => 'TestCred',    'actualParameter' => \@parameterList });

where @parameterList is a list created as

push(@parameterList,    { 'actualParameterName' => 'p1',    'value' => 'ordinary string' });

If a you have parameters of the type "credential", you also need to pass a list of credentials

my $xPath = $ec->runProcedure("$[/myProject/projectName]",    { 'procedureName' => 'TestCred',    'actualParameter' => \@parameterList,    'credential' => \@credentialList });

How do you populate @credentialList?

Solution

  • First you must add an actual parameter that binds the parameter name to the name of the credential, like
    push(@parameterList, {"actualParameterName" => "procCred", "value"  => "procCred"});

    where "procCred" is the name of the Credential parameter.

  • Next you must define a credential of the same name. The credential has three fields - credentialName, userName, and password
    push(@credentialList, {"credentialName" => "procCred", "userName"  => "aaa", "password" => "111"});

    You can add both of these as many times as you need to, based on the number of credential parameters.

  • To avoid putting cleartext passwords into the code, you can use getFullCredential command
    my $credential = $ec->getFullCredential('procCred');

Putting it all together

Example running a procedure as a credentialed user without exposing the password

use strict;use ElectricCommander;$| = 1;my $ec = new ElectricCommander;my (@parameterList,@credentialList);# An ordinary parameterpush(@parameterList,    { 'actualParameterName' => 'p1',    'value' => 'ordinary string' });# A credential parameterpush(@parameterList,    { 'actualParameterName' => 'procCred',    'value' => 'procCred' });my $credential = $ec->getFullCredential('procCred');my $userName = $credential->findvalue('//credential/userName');my $password = $credential->findvalue('//credential/password');push(@credentialList,    { 'credentialName' => 'procCred',    'userName' => "$userName",    'password' => "$password" });# Run the proceduremy $xPath = $ec->runProcedure("$[/myProject/projectName]",    { 'procedureName' => 'TestCred',    'actualParameter' => \@parameterList,    'credential' => \@credentialList});

Example logging into another server without exposing the password.

This approach avoids the password ever appearing in the clear via 'ps'.

use strict;use ElectricCommander;$| = 1;# Fetch the credentialmy $ec = new ElectricCommander;my $cred = $ec->getFullCredential('otherCred');# Log in to another server using the credentialmy $otherEc = new ElectricCommander({server => "otherServer"});$otherEc->login($cred->findvalue('//userName')->value, $cred->findvalue('//password')->value);
Have more questions? Submit a request

Comments

Powered by Zendesk