How do I send a password securly to remote loader?
I want to send a password from the startup policy to the remote loader.
How do I do this in a secure manner? Do I have to encrypt it myself, and decrypt on the other side?
To clarify, the communication is not the problem.
I don't want passwords to be logged in the log-files.
Do I have to encrypt myself to hide the clear-text password in the log? Or is there another way to do it?
You could try by setting is-sensitive on the attribute.
In fact, what you do first:
Append XML element, build where the attr will go in the process. Then set the XML Attribute is-sensitive=true, and then finally add in the password.
True. But what is interesting (David G told me he found this a week or three ago) is if you try to Set local variable to that attribute it STILL won't trace out, because the is-sensitive tag persists in some extra cirumstances. You would have to Strip by xpath, @IS-sensitive to be able to get at it.
You used to be able to set-local-variable to get the value of a is-sensitive attribute, then trace-message out the variable to see the result. They've blocked that. You have to be more creative now.
Yeah. Me too. I hadn't needed to do that for quite a while, so when I did and the trace spit out "<--- content supressed --->" for the value of the local variable, I was somewhat surprised.