Cybersecurity
DevOps Cloud
IT Operations Cloud
You may have to provide a password when you create DA components and processes. These may be the password for the component source type (such as Dimensions CM, PVCS VM, Artifactory, etc.), or the password may be necessary for a process step, such as a password for a JBOSS server, or a database or another system. We all know that passwords must be changed from time to time.
Rather than editing all of your component details pages, or reviewing all of your process steps each time a password changes, consider placing the password in a property.
If the password will be used for retrieving component versions, you may wish to consider a system property for this password.
If the password is used in a process and the password will be the same in all environments (DEV, QA, PROD, etc.), you may wish to place the property in the system properties list. However, if the DEV JBOSS server (for example) has a different password than the QA JBOSS server, then you may wish to place those passwords in the environment properties for each of the environments where you will use the password.
You should consider keeping a list of all the properties used for passwords and which password it is. You do not need to write down the actual password, but you should consider a list of usernames and whether the password is stored in the system area, environments area, or some other area. This way, whenever you get notice that a password has been changed, you need to update the properties in one or a few places.
As you create the property remember to check the box for "secure". This encrypts the password and does not allow the value to be displayed in any of the DA screens and it also removes that value from any DA log files. The password itself is stored in the database and is encrypted using a Blowfish algorithm.