Clarity

  • 1.  How to avoid user and password as hard-code in a GelScript

    Posted Oct 21, 2011 03:01 PM
    How to avoid user and password as hard-code in a GelScript?

    I know you can do the following:

    1 - Pass parameter values to the script;
    (In this case, each script would have to have its own parameter, that might create redundancies and many sources.)

    2 - Reading a properties file;
    (In this case, the file is not encrypted.)

    3 - Read an XML file;
    (In this case, the file is not encrypted.)

    4 - Create an object with Clarity authorization information;
    (In this case, the object does gives me the creation of a field of type password.)

    5 - Consult directly from the database.
    (In this case, you lose the support of CA.)

    Anyone know a better way of doing this?

    We thank the community.

    ------------------------------------------------------------------------------------------------------------------------------
    In portuguese:

    Eu sei que é possível fazer das seguintes formas:

    1 - Passar os valores por parâmetro do script;
    (Neste caso, cada script teria que ter o seu próprio parâmetro, isso geraria redundâncias e muitas origens.)

    2 - Ler um arquivo properties;
    (Neste caso, o arquivo não será criptografado.)

    3 - Ler um arquivo XML;
    (Neste caso, o arquivo não será criptografado.)

    4 - Criar um objeto do Clarity com as informações de autorização;
    (Neste caso, o objeto não me proporciona a criação de um campo do tipo password.)

    5 - Consultar diretamente do banco de dados.
    (Neste caso, não haverá suporte da CA.)

    Alguem conhece uma forma melhor de se fazer isso?

    Desde já, agradeço a comunidade.


  • 2.  RE: How to avoid user and password as hard-code in a GelScript

     
    Posted Oct 31, 2011 12:42 PM
    Hi All,

    Any ideas for this one?

    Thanks!
    Chris


  • 3.  RE: How to avoid user and password as hard-code in a GelScript
    Best Answer

    Posted Nov 27, 2011 06:40 PM
    Hi Ricardo,

    Yes you can use a java call in GEL.
    Something like this.

    <!-- ***************************************Get the Password from the system ***********************************-->
    <core:new
    className="com.niku.union.security.DefaultSecurityIdentifier" var="secId"/>
    <core:invokeStatic
    className="com.niku.union.security.UserSessionControllerFactory"
    method="getInstance" var="userSessionCtrl"/>
    <core:set value="${userSessionCtrl.init(username, secId)}" var="secId"/>
    <core:set value="${secId.getUserName()}" var="XOGUsername"/>
    <core:set value="${secId.getPWD()}" var="XOGPassword"/>
    <core:set value="${secId.getSessionId()}" var="sessionID"/>
    <!-- ***************************************END Get the Password from the system ***********************************-->

    This will get the password for you as well as generate a session for you.

    Hope this helps


  • 4.  RE: How to avoid user and password as hard-code in a GelScript

    Posted Nov 28, 2011 06:16 PM
    Hi fpena,
    I have a question about your code there. Where does this pull the

    <!-- ***************************************Get the Password from the system ***********************************-->
    <core:new className="com.niku.union.security.DefaultSecurityIdentifier" var="secId"/>
    <core:invokeStatic className="com.niku.union.security.UserSessionControllerFactory" method="getInstance" var="userSessionCtrl"/>
    <core:set value="${userSessionCtrl.init(username, secId)}" var="secId"/>
    <core:set value="${secId.getUserName()}" var="XOGUsername"/>
    <core:set value="${secId.getPWD()}" var="XOGPassword"/>
    <core:set value="${secId.getSessionId()}" var="sessionID"/>
    <!-- ***************************************END Get the Password from the system ***********************************-->


    When I test this, I get a blank XOGUsername and a blank XOGPassword. Where is this reading from? And if it's reading from a strange location, can I just put the XOGUsername and XOGPassword there?


  • 5.  RE: How to avoid user and password as hard-code in a GelScript

    Posted Nov 29, 2011 03:53 PM
    Hi Lowell,
    you must use a parameter for your username and the variable must be called "username"

    Like this

    <gel:parameter var="username"/>

    then go to custom script parameters, and set the username.

    If you want to use the username of the person executing the process then pull it from a query.
    like this

    <sql:query var="bpm">


    select initiated_by from bpm_run_processes bpm


    where ID=${myProcessId} -- this is the gel_processInstanceId

    </sql:query>
    <core:set value="${bpm.rows[0].initiated_by}" var="username"/>