m-Power can easily be configured to use any existing encrypted column for password values when securing your applications against a flat file. For more on how to do this, see this page.
While this works great for existing encryptions, it is also possible to use m-Power to encrypt new values as well. To do so, you can use a built-in m-Power external object in any maintainer, which the following steps list in detail.
Step 1 – Registering the External Object
First you will need to register the external object needed for your maintainer to m-Power.
Navigate to Admin -> External Objects -> Create New. Press “Create New External Object” at the top right of the window.
Plug in the following information (screenshot on right for reference):
- Object Name: SHA_ENCODE
- Description: Password Encryption
- Object Type: Java Method
- Java Class Name: com.mrc.ext.SHAEncode
- Java Method Name: encode
Once done, press Save Object.
Next, find the newly created object in the list of External Objects and select View Parms -> Create New Parameter. Two parameters will be needed for this object:
- Description: Encryption Type
- Length: 10
- Required Parm: Yes
- Description: Password
- Length: 99
- Required Parm: Yes
Step 2 – Editing the application
Next, this External Object will be added into the maintainer application that is built over your password table.
Edit the maintainer and go to Additional Options -> External Objects. Press the Add New External Object button.
Select the Password Encryption object created from Step 1 and select a before action location (*BEFOREACT, *BEFOREADD, *BEFOREUPD, *BEFOREDLT). This is necessary as the Java encryption program must encrypt the password value before the record is written to the database.
Set the Encryption Type parameter to ‘Map a constant’. Use any one of these appropriate valid encryption types as the Default Value:
Finally, map your application’s password field to the second parameter by selecting it from the dropdown.
Click Save External Object once done and then rebuild the application.
- Don’t forget to set the
encryption_typeproperty in the Sign On configuration as well to match the encryption type being used for your password values.
- The encryption method only encrypts the password values. For security reasons, passwords values cannot be decrypted. In the case of a forgotten password, users may use the Password Reset functionality to set a new password.
- The External Object does not need to be promoted to production. Simply promote the maintainer application and the mrcSignon2.xml file (Sign On Configuration) file.