Page History

...

All Credential Store features such as secure, compliant and password-free use of the Credential Store as well as compatibility with Keepass .kdb databases require the YADE Client in version 1.12.2 or newer.

...

The current example uses the XML configuration from the Getting Started tutorial article above and describes the necessary configuration elements required to move the sensitive information such as user name and password from the XML file to the Credential Store. Users wishing implement the current example should download the tutorial file transfer configuration file linked above and open it in their XML Editor, where they can then add the necessary configuration information.

The information required to use the Credential Store falls into two "areas":

...

In addition, the ProtocolFragment element has a reference specifying that the Credential Store is to be used.

Specifying the Credential Store

The following list shows the organization of the XML elements required to specify the Credential Store. These elements and their attributes are shown in full in the XML Editor screenshot below. 

• Fragments
  
  • ProtocolFragments
    • FTPFragment name=""
      
      • ....
      • CredentialStoreFragmentRef ref ="ftp_demo"
  • CredentialStoreFragments
    • CredentialStoreFragment name ="ftp_demo"
      
      • CSFile file path ....
      • CSAuthentication
        
        • ...
      • CSEntryPath

• A CredentialStoreFragments element at the same level in the XML hierarchy as the Protocol Fragments elements.
  
  • This element can have one or more child Credential Store Fragment elements (described below).
• A CredentialStoreFragment element that is referenced from the ProtocolFragment. This Fragment specifies the location of and authentication required for the Credential Store.
  • Password, key file and combined password/key file authentication methods are possible.
• A CredentialStoreFragmentRef element as a child element of the Protocol Fragment element - in the current example this is the FTPFragment. 
  • The values of the connection and authentication elements are modified to refer to elements stored within the Credential Store.

Addressing the information in the Credential Store

Parameters stored in a Credential Store database Entry can be addressed in the CredentialStoreFragment XML element as follows:

Addressing the information in the Credential Store

Parameters stored in a Credential Store database Entry can be addressed in the CredentialStoreFragment XML element as follows:

• The CSEntryPath element is used to specify the base path in the Credential Store database to the Entry.
  In the current example this would be set to:
  
  • demo/ftp/demo_on_test.sos-berlin.com
    where demo and ftp are (optional) Group names, as already mentioned, and demo_on_test.sos-berlin.com is the Title of the KeePass database Entry.

The Credential Store Entry parameters are addressed using one of the following syntaxes:

• relative:
  • cs://@parameter_name, where the parameter_name is the name of the relevant parameter specified for the Entry - for example, url and the CSEntryPath element is filled as shown above
• fully specified:The CSEntryPath element is used to specify the base path in the Credential Store database to the Entry.
  In the current example this would be set to:
  
  • cs://
  • demo/ftp/demo_on_test.sos-berlin.com
    where demo and ftp are (optional) Group names, as already mentioned, and demo@parameter_name, and where the CSEntryPath element, which is a required element, is left blank

The following parameters are fully specified in the Credential Store in the current example:

• Hostname: cs://demo/ftp/demo_on_test.sos-berlin.com is the Title of the KeePass database Entry.

The Credential Store Entry parameters are addressed using one of the following syntaxes:

• @url (where @url specifies the URL element stored in the database )
• Account: cs
• relative:
  • cs://@parameter_name, where the parameter_name is the name of the relevant parameter specified for the Entry - for example, url and the CSEntryPath element is filled as shown above
• fully specified:cs://demo/ftp/demo_on_test.sos-berlin.com@parameter_name, and where the CSEntryPath element, which is a required element, is left blank

The following parameters are set in the Credential Store in the current example:

• @user (where @user specifies the User name element stored in the database)
• PasswordHostname: cs://demo/ftp/demo_on_test.sos-berlin.com@url@password (where @url @password specifies the URL Password element stored in the database)
• Account: cs://demo/ftp/demo_on_test.sos-berlin.com@user (where @user specifies the User name element stored in the database)
• Password: cs://demo/ftp/demo_on_test.sos-berlin.com@password (where @password specifies the Password element stored in the database)

Note that a full list of parameters is described in the Adding an Entry to the Credential Store section above.

Alternative Syntax

Note also that although the CSEntryPath element is a required element, it can be left empty and that fully specified paths can be used for each parameter. For example, the Password could be specified using:

• cs://demo/ftp/demo_on_test.sos-berlin.com@password

Configuration in the XML Editor

The parts of the XML configuration relevant to the use of the Credential Store are shown in the following screenshot of the configuration for the current example, with parameter values highlighted in yellow:

 Image Removed

Running the YADE Client with the Credential Store

The use of the Credential Store is contained within the settings file and is not exposed when calling the YADE Client. For example, on Windows systems, the YADE Client is called for the current example using:

C:\Program Files\sos-berlin.com\jade\client\bin>jade.cmd -settings="%USERPROFILE%\jade_demo\sos-berlin_demo_2_local_cs.xml" -profile="ftp_server_2_local_cs"

The following listing shows the output produced by the example configuration. Note that the problem that occurred with the transfer of one of the files has nothing to do with the use of the Credential Store.

C:\Program Files\sos-berlin.com\jade\client\bin>jade.cmd -settings="%USERPROFILE%\jade_demo\sos-berlin_demo_2_local_cs.xml" -profile="ftp_server_2_local_cs"

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+                       START  : JADE.CMD                         +
+                       -----------------                         +
+ DATE     : 18.04.2018 15:32:45,54
+ HOSTNAME : JS-PC
+ USER     : aa
+ CALL     : C:\Program Files\sos-berlin.com\jade\client\bin\jade.cmd -settings="C:\Users\aa\jade_demo\sos-berlin_demo_2_local_cs.xml" -profile="ftp_server_2_local_cs"
+                                                                 +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

main INFO  15:32:49,319   (SOSDataExchangeEngineMain.java:76) ::Execute SOSDataExchange - Kommandozeilenprogram startet ....
main INFO  15:32:49,709   (SOSDataExchangeEngine.java:536) ::showBanner
************************************************************************
*                                                                      *
*                     YADE - Managed File Transfer                     *
*                     -----www.sos-berlin.com-----                     *
*                                                                      *
************************************************************************
  Version                 = 1.12.3-SNAPSHOT (2018-04-15 23:09, revision f156fa1144fe219789e9bf2ad1d3a4b52a68cd24) Copyright 2003-2018 SOS GmbH Berlin
  Date                    = 2018-04-18 15:32:49
  SettingsFile            = C:\Users\aa\jade_demo\sos-berlin_demo_2_local_cs.xml
  Profile                 = ftp_server_2_local_cs
  Operation               = copy
  Transactional           = false

  +------------Source------------
  | Protocol              = ftp
  | Host                  = test.sos-berlin.com
  | IP                    = 93.157.51.161
  | User                  = demo
  | Password              = ***
  | Passive               = false
  | TransferMode          = binary
  | Directory             = ./
  | FileSpec              = .*
  | ErrorWhenNoFilesFound = true
  | Recursive             = false
  | Remove                = false

  +------------Target------------
  | Protocol              = local
  | Host                  = JS-PC
  | IP                    = 192.11.0.85
  | Directory             = C:\Users\aa\jade_demo\transfer_receive/
  | OverwriteFiles        = true


main INFO  15:32:49,803   (SOSVfsFtpBaseClass.java:242) ::doConnect SOSVfs_D_0102: Verbunden mit Rechner 'test.sos-berlin.com' ³ber Port-Nummer '21'.
main INFO  15:32:49,866   (SOSVfsFtpBaseClass.java:958) ::login (demo@test.sos-berlin.com:21) SOSVfs_D_133: Benutzer 'demo' eingeloggt.
main INFO  15:32:49,928   (SOSVfsFtpBaseClass.java:1295) ::transferMode SOSVfs_D_123: Antwort des FTP-Servers ['binary']: '200 Type set to I'.
main INFO  15:32:50,272   (SOSDataExchangeEngine.java:897) ::setInfo 6 files found for regexp '.*'.
main ERROR 15:32:51,131   (SOSFileListEntry.java:1150) ::run SOSVfs_E_229: Fehler. Daten³bertragung nicht m÷glich. Grund: com.sos.JSHelper.Exceptions.JobSchedulerException: unable to get inputstream for file './test_5.txt'
main ERROR 15:32:51,131   (SOSDataExchangeEngine.java:1140) ::transfer SOSDataExchangeEngine.TRANSFER_ABORTED
main INFO  15:32:51,131   (SOSFileList.java:464) ::rollback Rollback aborted files.
main INFO  15:32:51,147   (SOSDataExchangeEngine.java:359) ::showResult
*************************************************************************
 Ausf³hrungsstatus                 = Fehlerhaft.
 Erfolgreiche ▄bertragungen        = 5
 ▄bersprungene ▄bertragungen       = 0
 Fehlgeschlagene ▄bertragungen     = 1
 letzter aufgetretener Fehler      = unable to get inputstream for file './test_5.txt'

*************************************************************************
main ERROR 15:32:51,147   (SOSDataExchangeEngineMain.java:81) ::Execute Execute: Fehler aufgetreten: unable to get inputstream for file './test_5.txt', Programm wird mit Exit-Code 99 beendet.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+                        END   : JADE.CMD                         +
+                        ----------------                         +
+ DATE     : 18.04.2018 15:32:51,20
+ HOSTNAME : JS-PC
+ USER     : aa
+ CALL     : C:\Program Files\sos-berlin.com\jade\client\bin\jade.cmd -settings="C:\Users\aa\jade_demo\sos-berlin_demo_2_local_cs.xml" -profile="ftp_server_2_local_cs"
+ EXIT     : 99
+                                                                 +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Note that a full list of parameters is described in the Adding an Entry to the Credential Store section above.

Configuration in the XML Editor

The parts of the XML configuration relevant to the use of the Credential Store are shown in the following screenshot of the configuration for the current example, with parameter values highlighted according to their function:

 Image Added

The Transfer Target Directory

As can be seen in the screenshot above, the CopyTarget.Directory parameter is by default set for a Windows environment and set to:

• ${USERPROFILE}\jade_demo\transfer_receive

It may be necessary to modify this attribute before running the example.

Running the YADE Client with the Credential Store

The use of the Credential Store is contained within the settings file and is not exposed when calling the YADE Client. For example, on Windows systems, the YADE Client is called for the current example using:

C:\Program Files\sos-berlin.com\jade\client\bin>jade.cmd -settings="%USERPROFILE%\jade_demo\sos-berlin_demo_2_local_cs.xml" -profile="ftp_server_2_local_cs"

After the YADE command has finished execution the number of files transferred can be read from the log file.

Note that the log files neither indicate that a credential store has been use for the transfer nor reveal any passwords. As with all YADE jobs, the number of successful file transfers can be seen in the log file.

See Also:

• YADE User Manual - Credential Store

...