Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Corrected links that should have been relative instead of absolute.

Vault is a repository that keeps confidential information secured in the Database. Vault provides a robust security level, by adding more security while saving and accessing the classified data. Instead of storing information as a plain text, Vault is used to securely save and fetch data in an encrypted form. The following services that use Vault :includes Database Info

...

, Custom Plugin

...

, Web

...

Service REST Consumer

...

, and Put-Context-Var Action

...

 .

Expand
titleCreate Vault and Keys

To create a Vault and define its custom keys to store and fetch passwordsthe confidential information:

  1. Go to Develop > Services > Security Vault



  2. Click Create New.



  3. Type the name and description of the new Vault.


  4. You can change Vault Alias before you hit Save. Once saved, you cannot modify the field.

    Info
    titleNote

    The Vault Alias is a unique field. It holds the parameters which in turn are used to save the confidential information.

  5. Type in a key and its value.

  6. Click Add to add a new Parameter.



  7. Click  to view the hidden values. Click  to mask the password. To delete a parameter, click  in front of it.



  8. Expand Advanced Properties to change the project and owner of this vault. Also provide/update permission of Read, Write, and or Execute to Owner, Group, and Others. Click here for more information on how permissions work.
  9. Click Save.

...

  1. .
Expand
titleUsing Vault

Anchor
Using_Vault
Using_Vault

The URL we use in any application contains some confidential information like password which is passed as a plain text. To enhance the security, use vault to encrypt the password instead of providing the password as a plain text. Before using it in the URL, click here to create a new Vault.
After you have created a vault, write the following syntax in the URL of the JDBC drivers (given in the table below) replacing the confidential informationreplace the confidential information while using a service, with the text in the following syntax:

{Vault.aliasName.key}

where,Following an opening curly parentheses, '

  • Vault
'
  • is a keyword
to be used every time
  • (V in 'Vault' is UPPERCASE), preceded by opening curly parentheses.
  • aliasName is the Vault Alias, where the parameter
, which stores the confidential data,
  • is defined.
  • key is the parameter which stores the confidential
data
  • information.
  • Finally closed by a closing curly parentheses.
  • A period is used as a separator between Vault and aliasName; and aliasName and key.

Now if a REST Consumer Web Service is using vault for storing and fetching a password, we define the URL in the form:
http://server:host?username=<username>&password={Vault.aliasName.key}
For example-
http://192.168.1.195:8080?username=admin&password={Vault.safe.client_key}
Image RemovedYou can use Vault to mask the confidential information instead of providing it as a plain text, in the following services:

Expand
titleEdit Vault
  1. Click the Vault Name or, Click  next to the Vault you wish to edit, and select Edit.



    You can edit the information in the window that appears. Note that you cannot CANNOT rename Alias once it is created. Other details that cannot CANNOT be modified are 'Creation Date', 'Modified Date' and, 'Last Modified by'.



  2. Click Save.

...