Software AG Products 10.7 | Integrating On-Premises and Cloud Applications | Integration Server Built-In Services | Security Folder | Summary of Elements in this Folder | pub.security.outboundPasswords:setPassword
 
pub.security.outboundPasswords:setPassword
WmPublic. Stores a key and password in the password store.
Input Parameters
key
String Key to be associated with the password entry.
value
WmSecureString Password to be stored.
isInternal
String "true" if this should be saved as an internal password; "false" if it should be saved as a public password. Default is "false". (See Internal and Public Passwords for more information.)
Output Parameters
result
String "true" if password was successfully stored; "false" otherwise.
message
String "successful" or reason for failure.
Usage Notes
This is the basic process a flow service should follow to store an outbound password:
1. Call pub.security.util:createSecureString to create a WmSecureString object containing the password to be stored.
For security reasons, the flow service should be run manually requiring an authorized person to type the password to be stored. This will eliminate the need to save the password on disk in an unencrypted format.
2. Call pub.security.outboundPasswords:setPassword to save the password in encrypted form in the outbound password store.
The pub.security.outboundPasswords:setPassword service requires a key to be supplied which is basically a key to the password. This key must be saved in some way; any flow service wishing to use the password to access a secure resource will need to supply the key to retrieve the password from the outbound password store.
3. Once the password is successfully stored, call pub.security.util:destroySecureString to remove the password from memory.
Internal and Public Passwords
Internal passwords are passwords for use by the Integration Server itself to access secure resources (e.g., remote Integration Servers, JDBC connection pools, LDAP servers, etc.). Internal passwords are managed using the Integration Server Administrator and are stored in the outbound password store. Flow services are also allowed to store passwords in the outbound password store. However, by default, passwords stored by a flow service are considered "public," as opposed to internal. This distinction allows flow services to use the outbound password store as a secure mechanism for storing and retrieving passwords, but protects the Integration Server's internal passwords.
When calling any of the pub.security.outboundPasswords services (i.e. setPassword, getPassword, listKeys, removePassword, and updatePassword) the isInternal input parameter indicates whether the service is working with internal or public passwords. Note that even if this parameter is set to "true", you cannot access internal passwords if the Integration Server is configured to deny access to internal passwords. Access to internal passwords is controlled by the watt.security.ope.AllowInternalPasswordAccess configuration parameter on the Integration Server; for more information see webMethods Integration Server Administrator’s Guide.