Focal Point Banner


As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.

Join the TIBCO Community
TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.

  • From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
  • Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
  • Request access to the private WebFOCUS User Group (login required) to network with fellow members.

Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community.


Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     [CLOSED] encrypting MRE passwords in MYSQL

Read-Only Read-Only Topic
Go
Search
Notify
Tools
[CLOSED] encrypting MRE passwords in MYSQL
 Login/Join
 
Gold member
posted
Hi,

A customer is using MYSQL as MRE/BID repository and the passwords are encrypterd in the db by WebFOCUS. We'd possibly need to create functionality to update/reset the password in the db through a custom WebFOCUS procedure. We're looking at a situation where a user forgets his password -> clicks a link "Forgot password" -> a new password is created automatically and emailed to the user. We're able to update the password in the db with MODIFY or a MYSQL stored procedure, and logins still work ok after this, but the passwords are not encrypted. At the moment WebFOCUS is encrypting the passwords using its own encryption method, I believe, but is it possible to use the same encryption with(in) a fex? Or if we changed the encryption method to say TripleDES in WebFOCUS, would it make a difference with what we're trying to achieve?

It could maybe also be possible to just protect the password field/table in the db with MYSQL tools and just allow WebFOCUS to update the field(s), but we haven't looked into this yet.

Thanks for your help!

Cheers,
Mika

This message has been edited. Last edited by: Kerry,


WebFOCUS 7.6.x
PMF 5.2.x
 
Posts: 58 | Location: Sydney, Australia | Registered: April 22, 2005Report This Post
Platinum Member
posted Hide Post
Mike,
Take a look at the "Security and Administration" guide section on Encryption providers. If you set everything to use 3DES encryption, and define your own key, you should also be able to use that key in a routine to store the password (assuming you have something that can do 3DES). It might require calling an external program to do the encryption because I don't think there is anything native to a FEX, but it is doable.
Alternatively you can program something to use the WebFOCUS MR API in Java, or WebFOCUS MR web services to reset the password. This will then have Managed Reporting be setting the password and it will know about the existing encryption and encrypt it properly.
If you wanted to do this all from a FEX, you can use the Web Services adapter on the Reporting Server to call the Managed Reporting web services to reset the password.

Depending on your release of WebFOCUS you may need to talk to your sales rep about additional licensing to make this possible.
 
Posts: 203 | Registered: November 19, 2007Report This Post
  Powered by Social Strata  

Read-Only Read-Only Topic

Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     [CLOSED] encrypting MRE passwords in MYSQL

Copyright © 1996-2020 Information Builders