Passing in a DataStage encrypted password to ISD

BradJoss · Post by **BradJoss** » Tue Apr 23, 2013 1:42 pm

Hi All,

I'm not sure if this is the right forum but I've seen other posts that relate to this issue. If it's not please let me know and I'll move it.

So here's the problem I'm facing.

I've figured out, with help from this site (Big Thanks), that the ISDAdmin command line tool is how to change the runtime values of our DataStage job that we're exposing as a web service call in ISD. However, we don't want to have to set the encrypted fields using clear text as this violates our Security requirements. We know and have access to the encrypted password values that DataStage creates when we set those values in a Parameter Set. The problem that I'm facing is when I try to pass in the encrypted value, ISDAdmin thinks it's clear text, and encrypts it again.

Does anyone know a solution to this problem?

Thanks in advance!
Brad

ray.wurlod · Post by **ray.wurlod** » Tue Apr 23, 2013 2:19 pm

You can encrypt values using encrypt.sh (in the bin directory of ASBNode or ASBServer) and use these (for example {iisenc}s8dwdS#sf9wd1f3ssfre--) in your command line. The encrypt.sh utility uses AES-128 encryption by default (you can choose something else).

eostic · Post by **eostic** » Wed Apr 24, 2013 5:08 am

Off the top of my head, I would instead set this up as an always on job so that I don't have to pass the job parameter at all....the encrypted value will be in the app itself and each invocation will be vastly more efficient. Alternatively, consider using https and ssl for encryption of the entire soap envelope on the wire.

Ernie