{"id":9441,"date":"2014-03-20T12:34:51","date_gmt":"2014-03-20T18:34:51","guid":{"rendered":"http:\/\/www.mrc-productivity.com\/techblog\/?p=9441"},"modified":"2023-08-04T14:43:20","modified_gmt":"2023-08-04T20:43:20","slug":"encrypting-passwords","status":"publish","type":"ht_kb","link":"https:\/\/www.mrc-productivity.com\/techblog\/?ht_kb=encrypting-passwords","title":{"rendered":"Encrypting Passwords"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Overview<\/h2>\n\n\n\n<p>m-Power can easily be configured to use any existing encrypted column for password values when securing your applications against a flat file. For more on how to do this, see <a href=\"\/docs\/security\/implementing-security#flat\">this page<\/a>.<\/p>\n\n\n\n<p>While this works great for existing encryptions, it is also possible to use m-Power to encrypt new values as well. To do so, you can use a built-in m-Power external object in any maintainer, which the following steps list in detail.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Step 1 &#8211; Registering the External Object<\/h2>\n\n\n\n<p>First you will need to register the external object needed for your maintainer to m-Power.<\/p>\n\n\n\n<p>Navigate to Admin -> External Objects -> Create New. Press &#8220;Create New External Object&#8221; at the top right of the window. <\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p>Plug in the following information (screenshot on right for reference):<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Object Name: SHA_ENCODE<\/li>\n\n\n\n<li>Description: Password Encryption<\/li>\n\n\n\n<li>Object Type: <strong>Java Method<\/strong><\/li>\n\n\n\n<li>Java Class Name: <strong>com.mrc.ext.SHAEncode<\/strong><\/li>\n\n\n\n<li>Java Method Name: <strong>encode<\/strong><br><\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-ht-blocks-messages wp-block-hb-message wp-block-hb-message--withicon is-style-info\">The values in <strong>bold <\/strong>must be set up exactly as shown. <\/p>\n\n\n\n<p>Once done, press Save Object. <\/p>\n\n\n\n<p><\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<figure class=\"wp-block-image size-large\"><a href=\"\/techblog\/images\/encryptpasswords1.png\"><img decoding=\"async\" src=\"\/techblog\/images\/encryptpasswords1.png\" alt=\"\"\/><\/a><\/figure>\n<\/div>\n<\/div>\n\n\n\n<p>Next, find the newly created object in the list of External Objects and select View Parms -> Create New Parameter. Two parameters will be needed for this object:<\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p><span style=\"text-decoration: underline;\">Parameter 1<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Description: <strong>Encryption Type<\/strong><\/li>\n\n\n\n<li>Length: <strong>10<\/strong><\/li>\n\n\n\n<li>Required Parm: <strong>Yes<\/strong><\/li>\n<\/ul>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p><span style=\"text-decoration: underline;\">Parameter 2<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Description: <strong>Password<\/strong><\/li>\n\n\n\n<li>Length: <strong>99<\/strong><\/li>\n\n\n\n<li>Required Parm: <strong>Yes<\/strong><\/li>\n<\/ul>\n<\/div>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Step 2 &#8211; Editing the application<\/h2>\n\n\n\n<p>Next, this External Object will be added into the maintainer application that is built over your password table.<\/p>\n\n\n\n<p>Edit the maintainer and go to Additional Options -> External Objects. Press the Add New External Object button.<\/p>\n\n\n\n<p>Select the Password Encryption object created from Step 1 and select a before action location (*BEFOREACT, *BEFOREADD, *BEFOREUPD, *BEFOREDLT). This is necessary as the Java encryption program must encrypt the password value before the record is written to the database. <\/p>\n\n\n\n<p>Set the Encryption Type parameter to &#8216;Map a constant&#8217;. Use any one of these appropriate valid encryption types as the Default Value:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>MD2<\/li>\n\n\n\n<li>MD5<\/li>\n\n\n\n<li>SHA-1<\/li>\n\n\n\n<li>SHA-256<\/li>\n\n\n\n<li>SHA-384<\/li>\n<\/ul>\n\n\n\n<p>Finally, map your application&#8217;s password field to the second parameter by selecting it from the dropdown.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"\/techblog\/images\/encryptpasswords2.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>Click Save External Object once done and then rebuild the application. <\/p>\n\n\n\n<p class=\"wp-block-ht-blocks-messages wp-block-hb-message wp-block-hb-message--withicon\"><strong>Note<\/strong>: Overwriting the HTML presentation files (m-Painter) during a rebuild is <strong>not <\/strong>required when adding\/modifying External Objects. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Additional Notes<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Don&#8217;t forget to set the<code> encryption_type<\/code> property in the <a href=\"\/docs\/security\/implementing-security#flat\">Sign On configuration<\/a> as well to match the encryption type being used for your password values.  <\/li>\n\n\n\n<li>The encryption method only encrypts the password values. For security reasons, passwords values <strong>cannot <\/strong>be decrypted. In the case of a forgotten password, users may use the <a rel=\"noreferrer noopener\" href=\"\/docs\/knowledge-base\/password-reset\" target=\"_blank\">Password Reset functionality<\/a> to set a new password. <\/li>\n\n\n\n<li>The External Object does not need to be promoted to production. Simply promote the maintainer application and the mrcSignon2.xml file (Sign On Configuration) file.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Overview m-Power can easily be configured to use any existing encrypted column for password values when securing your applications against a flat file. For more on how to do this, see this page. While this works great for existing encryptions, it is also possible to use m-Power to encrypt new&#8230;<\/p>\n","protected":false},"author":3,"comment_status":"closed","ping_status":"closed","template":"","format":"standard","meta":{"footnotes":""},"ht-kb-category":[155],"ht-kb-tag":[],"class_list":["post-9441","ht_kb","type-ht_kb","status-publish","format-standard","hentry","ht_kb_category-security"],"_links":{"self":[{"href":"https:\/\/www.mrc-productivity.com\/techblog\/index.php?rest_route=\/wp\/v2\/ht-kb\/9441","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mrc-productivity.com\/techblog\/index.php?rest_route=\/wp\/v2\/ht-kb"}],"about":[{"href":"https:\/\/www.mrc-productivity.com\/techblog\/index.php?rest_route=\/wp\/v2\/types\/ht_kb"}],"author":[{"embeddable":true,"href":"https:\/\/www.mrc-productivity.com\/techblog\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mrc-productivity.com\/techblog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9441"}],"version-history":[{"count":19,"href":"https:\/\/www.mrc-productivity.com\/techblog\/index.php?rest_route=\/wp\/v2\/ht-kb\/9441\/revisions"}],"predecessor-version":[{"id":12052,"href":"https:\/\/www.mrc-productivity.com\/techblog\/index.php?rest_route=\/wp\/v2\/ht-kb\/9441\/revisions\/12052"}],"wp:attachment":[{"href":"https:\/\/www.mrc-productivity.com\/techblog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9441"}],"wp:term":[{"taxonomy":"ht_kb_category","embeddable":true,"href":"https:\/\/www.mrc-productivity.com\/techblog\/index.php?rest_route=%2Fwp%2Fv2%2Fht-kb-category&post=9441"},{"taxonomy":"ht_kb_tag","embeddable":true,"href":"https:\/\/www.mrc-productivity.com\/techblog\/index.php?rest_route=%2Fwp%2Fv2%2Fht-kb-tag&post=9441"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}