...
- The "Password Safe" (Credential Store, CS) allows connection and other data to be encrypted and stored securely and independently of the application(s) such as.YADE and the JobScheduler YADE JITL Jobs that use this data. Access to the CS is only possible with access methods such as an SSH key or password.
- The CS can use "KeePass 1.x" and "KeePass 2.x" but note that:
- KeePass 2.x can be used on more operating systems than Keepass 1.x see the Keepass Web Site for more information.
- KeePass 2.x allows more security features that are relevant for its use as a credential store than Keepass 1.x. Again, see the Keepass Web Site for more information.
.kdbxdatabase and the installation of a kdbx-compatible interface such as "KeePass 2" or "KeePass-X". - The advantage of using a CS The advantage of using a CS is that the CS stores the credentials (and other information/parameters) in a standardized, secure and fully encrypted database and sensitive authentication information is not exposed in use. Applications access the CS database via a standard interface. The CS database can only be accessed using password, encryption-key file (ppk) or a combination of both. The CS password is used to encrypt the contents stored in the CS database with AES.
- The CS can be used to securely store information or parameters, database connection URL, run-time decryption key and other access data.
...
The configuration provided in the download file will cause six files in the root server folder to be copied to a local /jade_demo/transfer_receive folder, generating the target folder in the user's home or profile directory if required and permissions are available. The files will be transferred by FTP and authentication for the server (user name and password) is specified in the download file.
KeePass 2 is used in the current article to install the credential store database.
Installing and configuring the Credential Store
The installation of KeePass is described on the Keepass Web Site.
For the examples described in the current article the following database was configured (on a Windows system):
- Path & name:
%USERPROFILE%\jade_demo\keepass\demo_cred_store.kdbxMaster Password:sosstore.kdbx - Master Password:
sos
In addition a Master Key file (not used in the example below) can be generated using the KeePass menu Files/Change Master Key option and then selecting the Show expert options checkbox (shown greyed out in the following screenshot).
Adding Data to the Credential Store
A group named ftp has been for the current example along with the entry demo in test.sos-berlin.com.
The following information can be retrieved from CS standard fields:
...
- A Credential Store Fragments element that at the same level in the XML hierarchy as the Protocol Fragments elements.
- A Credential Store Fragment element that is referenced from the Protocol Fragment. This Fragment specifies the location and authentication for the Credential Store.
- Password, keyfile and combined password-keyfile authentication methods are possible.
- The values of the connection and authentication elements are modified to refer to elements stored within the Credential Store.
...
The use of the Credential Store is contained within the settings file and is not exposed when calling the YADE client. For example, for on Windows systems, the YADE client could be called for the current example using:
| Code Block | ||||
|---|---|---|---|---|
| ||||
C:\Program Files\sos-berlin.com\jade\client\bin>jade.cmd -settings="%USERPROFILE%\jade_demo\sos-berlin_demo_2_local.xml" -profile="ftp_server_2_local_cs" |
...
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
C:\Program Files\sos-berlin.com\jade\client\bin>jade.cmd -settings="%USERPROFILE%\jade_demo\sos-berlin_demo_2_local.xml" -profile="ftp_server_2_local_cs" + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + START : JADE.CMD + + ----------------- + + DATE : 17.04.2018 14:56:51,26 + HOSTNAME : JS-PC + USER : aa + CALL : C:\Program Files\sos-berlin.com\jade\client\bin\jade.cmd -settings="C:\Users\aa\jade_demo\sos-berlin_demo_2_local.xml" -profile="ftp_server_2_local_cs" + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + main INFO 14:56:54,679 (SOSDataExchangeEngineMain.java:76) ::Execute SOSDataExchange - Kommandozeilenprogram startet .... main INFO 14:56:54,711 (SOSDataExchangeEngine.java:536) ::showBanner ************************************************************************ * * * YADE - Managed File Transfer * * -----www.sos-berlin.com----- * * * ************************************************************************ Version = 1.12.3-SNAPSHOT (2018-04-15 23:09, revision f156fa1144fe219789e9bf2ad1d3a4b52a68cd24) Copyright 2003-2018 SOS GmbH Berlin Date = 2018-04-17 14:56:54 SettingsFile = C:\Users\aa\jade_demo\sos-berlin_demo_2_local.xml Profile = ftp_server_2_local_cs Operation = copy Transactional = false +------------Source------------ | Protocol = ftp | Host = test.sos-berlin.com | IP = 93.157.51.161 | User = demo | Password = *** | Passive = false | TransferMode = binary | Directory = ./ | FileSpec = .* | ErrorWhenNoFilesFound = true | Recursive = false | Remove = false +------------Target------------ | Protocol = local | Host = JS-PC | IP = 192.11.0.85 | Directory = C:\Users\aa\jade_demo\transfer_receive/ | OverwriteFiles = true main INFO 14:56:55,164 (SOSVfsFtpBaseClass.java:242) ::doConnect SOSVfs_D_0102: Verbunden mit Rechner 'test.sos-berlin.com' ³ber Port-Nummer '21'. main INFO 14:56:55,539 (SOSVfsFtpBaseClass.java:958) ::login (demo@test.sos-berlin.com:21) SOSVfs_D_133: Benutzer 'demo' eingeloggt. main INFO 14:56:55,695 (SOSVfsFtpBaseClass.java:1295) ::transferMode SOSVfs_D_123: Antwort des FTP-Servers ['binary']: '200 Type set to I'. main INFO 14:56:56,148 (SOSDataExchangeEngine.java:897) ::setInfo 6 files found for regexp '.*'. main INFO 14:56:56,945 (SOSDataExchangeEngine.java:788) ::printState SOSJADE_I_0101: Es wurden 6 Dateien ³bertragen main INFO 14:56:56,961 (SOSDataExchangeEngine.java:359) ::showResult ************************************************************************* Ausf³hrungsstatus = Ohne Fehler. Erfolgreiche ▄bertragungen = 6 ▄bersprungene ▄bertragungen = 0 Fehlgeschlagene ▄bertragungen = 0 letzter aufgetretener Fehler = ************************************************************************* main INFO 14:56:56,976 (SOSDataExchangeEngineMain.java:78) ::Execute Execute - Programm wurde ohne Fehler beendet + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + END : JADE.CMD + + ---------------- + + DATE : 17.04.2018 14:56:57,03 + HOSTNAME : JS-PC + USER : aa + CALL : C:\Program Files\sos-berlin.com\jade\client\bin\jade.cmd -settings="C:\Users\aa\jade_demo\sos-berlin_demo_2_local.xml" -profile="ftp_server_2_local_cs" + EXIT : 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + |
As with all YADE jobs, the number of successful file transfers can be seen in the log file.
See Also:
...