- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎11-23-2016 06:34 AM
Hi Experts,
I have a SSHCommand probe that runs a shell script to launch SQLplus to connect to Oracle instances on the target server. It is working fine, but at the moment I have the Oracle user/password hard coded in the script.
Can I, and how, have the database credential stored in the custom credential table, and then call it from, or pass it to the shell script ?
Thanks in advance for any help,
john
Solved! Go to Solution.
- Labels:
-
Discovery
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎11-23-2016 08:08 AM
Hey John,
Yes, you can use gs.getProperty() or gs.getMessage() to access it.
Or as you said, you can store credentials on a custom table and access it using Glide Record too.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎11-30-2016 03:27 AM
Hey John,
Seems like a small mistake in your script. Please try like this and let me know.
var pw_hash = '';
var crypt = '';
var anser = '';
var gr = new GlideRecord('discovery_credentials');
gr.addQuery('name', 'oracle_user');
gr.query();
if(gr.next()){
pw_hash = gr.password;
crypt = new GlideEncrypter();
pw_text = crypt.decrypt(pw_hash);
answer = pw_text;
}
gs.print(answer);
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎11-30-2016 06:08 AM
your version results in "org.mozilla.javascript.NativeJavaObject@cd7c2682" which indicates a type issue.
If I test for type using a simple oftype it is an object. If I dig further using:
var objecttype = Object.prototype.toString.call(pw_text);
it is : [object JavaObject]
If I force the result to be a string ( pw_text + '') then it is 'undefined'.
At this point I need to check some assumptions:
credentials of 'Basic Authentication' type have passwords encrypted (password2) ? So the MID key should be able to decrypt them, and the glide encrypter is the right way ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎11-30-2016 06:13 AM
Hey John,
I tried the same script in the BG console. I am able to get the value. Not sure why it is not working!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎11-30-2016 07:37 AM
Yup, it was working for me in BG as well..
But in the end it was an object being returned there as well. The answer which works perfectly is to force it to be a string with + ''
var pw_hash = '';
var crypt = '';
var answer = '';
var gr = new GlideRecord('discovery_credentials');
gr.addQuery('name', 'oracle_user');
gr.query();
if(gr.next()){
pw_hash = gr.password;
crypt = new GlideEncrypter();
pw_text = crypt.decrypt(pw_hash);
answer = (pw_text + '');
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎11-30-2016 08:54 AM
As the shell script is running in a bash session, have you considered using the Oracle Wallet to store connection credentials in that account's home directory?
That way the shell script will be passed to the bash user without any authentication details needed, and the account can then take care of Oracle authentication.
(this is the purpose of the Wallet - like a .my.cnf for Oracle)
