on 01-20-2009 9:08 AM
Hi,
I'm facing some issue When i try to store the MX_ENCRYPTED_PASSWORD.
i have used the below script to encrypt the password
function fnDes(Par){
key = "C:
Program Files
SAP
IdM
Workflow
configs
KEY
keys.ini";
return UserFunc.uDESEncrypt(key,Par);
}
The job runs without error but it stores null value for this attribute in the backend. if i use
return UserFunc.uDESEncrypt("",Par);
It throws some error. Please help am i missing anything?
Regards,
Pricy
Hi Dominik,
I saw in help file that
"The Java components, the runtime engine and import/export, require the Java Cryptography Extension (JCE) 1.2.2 for triple DES encryption. "
Do we need to install this JCE? i havent installed this software.
Regards,
Pricy
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Dominik,
Thanks for all your replies.
I'm new to IDM and working on 7.0
i have placed the key in c:keys.ini still it throws the same key byte error.
I have also tried using half the key (first or second half as you have mentioned) it throws the below error:
org.mozilla.javascript.EvaluatorException: uDESEncrypt got exception decoding buffer.
if i dont specify any key like userfunc.udesencrypt("",Par) it throws the below error:
org.mozilla.javascript.JavaScriptException: java.lang.UnsupportedOperationException: java.lang.NoClassDefFoundError: javax/crypto/SunJCE_b : cannot initialize class because prior initialization attempt failed
As i havent worked in java i'm not able to sort out the issue.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Pricy,
if you write in the key as parameter it has to be done like described in the help:
EncryptionKey
The encryption key. Can be hex-encoded, prefixed with .
If this is empty, the default key file is used. If this is not found, the internal key is used.
It can contain a valid key file name, including the path.
It can contain a valid key that is used for encryption.
But, if I use half of the key without the it works for my decrypt script which should be similar to the encrypt script.
I guess there is another reason which does not directly has to do with the encrypt/decrypt scripts. Maybe the Java Runtime installation is not complete or the Javascript implementation "js.jar" in the "Identity Center" folder is somehow corrupt.
Best regards
Dominik
hi Dominik,
i have tried the methods and have also replaced the key with the key value it still throws the error the key has to be 24 byte long.
the key is used was B54871D505A7A8C66F3093CF287483EDEB299C8A16202170
Regards,
Pricy
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Pricy,
I remember now that one key, which is stored in the key.ini, is 48 Byte long. So the first half (or was it the second?) has to be taken.
I tried several times before I got it right back then, so do not give up, it has to work. But I guess that there is another problem, maybe with the file itself or the path to the file. Have you tried storing it in C:\key.ini already?
By the way, what do you use, IdM 7.0 or 7.1? I only used 7.0 by now.
Best regards
Dominik
Hi Dominik,
i'm able to login to the workflow as it is refering the MX_PASSWORD attribute.
value for encrypted password attribute is $FUNCTION.fnDes(%Password%)$$.
if i pass the value %password% without any function it is able to store it in DB. The problem comes only when i use the encryption method.
Correct me if anyother configuration has to be made. I have specified the encryption algorithm as 3DES for both IC and the IS.
Regards,
Pricy
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Pricy,
sorry, i meant:
UserFunc.uErrMsg(1, Password))
to write it into the Job log not logging into the workflow.
The specification should be OK, too.
Have you tried taking the encryption key from the .ini-file and use it as first parameter in the script like uDESEncrypt("1234ABC..." , Password)?
Best regards
Dominik
Hi Dominik,
I have installed IDM in my local server. key.ini file is in my local, the file is the default one which was created when installing IDM workflow
Regards,
Pricy
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Pricy,
this seems to be OK then.
As it is the standard file, there should be no problems, too. So the "" as first parameter should do the work.
In the pass you call your script, is there everything set up like
$FUNCTION.isv_encryptPassword(%userPassword%)$$
Have you tried logging before returning the value? Or logging the parameter?
I would have tried this to ensure that the problem does not refer to the storing in the database but exists somewhere before during encryption or .
Best regards
Dominik
Hi Dominik,
Thanks for ur reply.
actual key that i have used is C:
Program Files
SAP
IdM
Workflow
configs
KEY
keys.ini
but the
are replaced by enter in the post. i tried the way using file:
or / or\ it throws error as
org.mozilla.javascript.EvaluatorException: uDESEncrypt: Key should be exactly 24 bytes long
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Pricy,
have you tried
"file://C:\\Program Files\\SAP\\IdM\\Workflow\\configs\\KEY\\keys.ini"
or replacing the \ by /?
Best regards
Dominik
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
83 | |
24 | |
12 | |
9 | |
7 | |
6 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.