Versions Compared

Old Version 1

changes.mady.by.user Fiona Sargeant

Saved on

compared with

New Version 2

changes.mady.by.user Fiona Sargeant

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Insert excerpt
_Banners
_Banners
nameanalysis
nopaneltrue

This page is for data modellers who need to provide securely-stored credentials to access data via HTTP by providing authentication.

Overview

When importing data via HTTP, you sometimes need to provide authentication to an external site. You can do this by storing There are 2 parts to this:

  1. To store the username and password, use one of the following methods:
encrypted within
    • This option is not secure.
    • encrypted as a PhixFlow local secret
as 2 key-value pairs, as described below.
  • encrypted within a keystore, where the key is generated by PhixFlow and the same key+value is stored in the keystore.
    • Store Authentication in Plain Text
    2. To use the username and password
      1. In an analysis models, connect the HTTP datasource to a HTTP modelling object:
      2. In the expression within the modelling object, reference the username, password. Expression fields are: 
        • HTTP collectors and HTTP exporters → URL Expression or Statement Expression 
        • HTTP Headers Properties → Basic Settings → Value.

    Using an HTTP Datasource Instance 
    Anchor
    plain
    plain


    Warning

    This method stores a username and password in plain text in the PhixFlow database.

    Step 1

    :

    Store

    the credentials

    :

    1. Open a HTTP datasource properties
    2. in the HTTP Datasource Instances section add a new instance
    3. In the instance, enter the details for the Name, Username and Password properties.
    4. Tick Enabled.
    5. Save the properties.

    Step 2: Use

    the credentials

    :

    In an analysis models, the HTTP datasource must have a HTTP collector or HTTP exporter connected to it. Expressions within the HTTP collector and exporter can use the following variables to reference the username and password.To use a username or password in an expression, specify the following variables:

    PropertiesVariable
    Username %USERNAME%
    Password%PASSWORD%.

    Store Authentication Encrypted in PhixFlow

    When you run analysis, PhixFlow looks in the associated HTTP datasource instance for the value set in the Username and Password properties and uses them to authenticate to the external site.

    Using the PhixFlow Secret Key 
    Anchor
    secret
    secret

    Step 1 Store:

    To store a username and password encrypted in PhixFlow, configure a key/value pair using the secret key. 

    1. In a HTTP Datasource datasource properties → Secret Key Details section, click 
      Insert excerpt
      _add
      _add
      nopaneltrue
       to create a new secret key. PhixFlow opens the secet key properties.
    2. Enter a Name and click
      Insert excerpt
      _save
      _save
      nopaneltrue
      .
    3. PhixFlow automatically creates a key for this secret. The key is a combination of the name and a string that is the internal ID of the HTTP datasource.
    4. In the Secret field, click
      Insert excerpt
      _add
      _add
      nopaneltrue
       to create a new Local Secret itemthe associated value. PhixFlow opens the new local secret properties.
    5. In the local secret → Secret field, add the value, which PhixFlow stores encrypted.

    You can use the secret key name to refer to the encrypted value in:

    • HTTP collectors and exporters → URL Expression or Statement Expression fields in
    • HTTP Headers Properties → Basic Settings → Value.
    by specifying
    2.   Click 
      Insert excerpt
      _finish
      _finish
      nopaneltrue
       to save and close the local secret.
    3. PhixFlow adds a string of asterisks *** to the Secret field to show you have configured the value.
    4. Click 
      Insert excerpt
      _finish
      _finish
      nopaneltrue
       to save and close the secret key.

    For details of the properties of a secret key, see Secret Key and Local Secret.

    Step 2: Use:

    In an expression, specify 2 keys, one for the username and one for the password, using
        ${_datasource.key}  where key is the Name of the secret key.                                                                                                                                                          

    When you run analysis, PhixFlow uses the secret key Name to find the key, which finds the encrypted secret. It then looks in the associated HTTP datasource for the specified key and provides the de-encrypted value to authenticate to the external site.

    Using the Keystore 
    Anchor
    keystore
    keystore

    If you have configured a Java keystore Configure a Keystore and Aliases and Adding Data to a Keystore you can use this to store secure credentials instead of using a Local Secret. 

    Step 1 Create the key:

    To create a key /value pair, in an HTTP datasource properties → for the username or password: 

    1. In a HTTP datasource properties → Secret Key Details
    section
    1.  section, click 
      Insert excerpt
      _add
      _add
      nopaneltrue
       to create a new secret key.
    Insert excerpt_property_toolbar_property_toolbarnopaneltrueSecret Key  Insert excerpt_property_tabs_property_tabsnamebasic-hnopaneltrue Insert excerpt_parent_parentnopaneltrue

    Basic Settings

    FieldDescriptionNameEnter a name.  
    1. PhixFlow opens the secet key properties.
    2. Enter a Name and click
      Insert excerpt
      _save
      _save
      nopaneltrue
     the properties. Use this name in expressions to refer to this key using ${_datasource
    1. .
    key} .Key
    Read-only. When you save the secret key,
    1. PhixFlow automatically
    generates
    1. creates a
    unique
    1. key
    in
    1. for this
    field.Enabled  Insert excerpt_check_box_tick_check_box_ticknopaneltrue to indicate you have completed configuring the secret key and associated local secret value, and it is ready to use. The local secret value may be null. Insert excerpt_check_box_untick_check_box_unticknopaneltrue means a reference to this secret key in an expression will fail.Secret
    1. secret. The key is a combination of the name and a string that is the internal ID of the HTTP datasource.
    2. Copy the key to use in the keystore.
    3. Click 
      Insert excerpt
      _
    add
    1. finish
      _
    add
    1. finish
      nopaneltrue
       to
    create a local secret item, where you can enter the value, such as a password, that is paired with this secret key; see Local Secret Properties, below.

    When you save the local secret, PhixFlow displays asterisks here to show that the secret value has been encrypted.

    To edit a secret value, click  Insert excerpt_edit_editnopaneltrue.
    To delete a secret value, click  Insert excerpt_delete_deletenopaneltrue.

    If you don't define a secret, PhixFlow will look for secret in its own secret service or in the keystore.

  • Configure a Keystore and Aliases
    1. save and close the secret key.

    For details of the properties of a secret key, see Secret Key and Local Secret.

    Step 2: Store:

    In the keystore, use the copied key and the username/password values to store key-value pairs; see Adding Data to a Keystore. Insert excerpt_description_descriptionnopaneltrue

    Insert excerpt_audit_auditnopaneltrueLocal Secret  Insert excerpt_property_tabs_property_tabsnamebasic-hnopaneltrue  AnchorvaluevalueFieldDescriptionKeyRead only. The same automatically-generated key in the secret key paired with this local secret.SecretEnter the value that you want to encrypt, such as a password. To switch between displaying or hiding the value, click  Insert excerpt_password_view_password_viewnopaneltrue.

    PhixFlow encrypts the value when storing it in the database, but when it is required to authenticate to an external site, PhixFlow supplies the unencrypted string. 

    Insert excerpt_audit_auditnopaneltrue

    The name is what you refer to in an expression. Internally tables

    You can have key without a secret

    GUI presents it as a name a flag and a secret.

    in the properties Name - key, secret

    Store Authentication Encrypted in the Keystore

    todo-fiona

    Define a local key secret and enter keynames

    Internal IDs

    If you dont put in a local secret

    it will look in the keystore

    If you have configured a Java keystore Configure a Keystore and Aliases and Adding Data to a Keystore  you can use this to store secure credentials instead of using a Local Secret. 

    If you want to you can use a keystore.

    32 digits.password key

    32 digits = datasource

    Datasource and HTTP Datasource modelling objects have properties → Advanced → Internal ID.

    This is a read-only field that provides the database identifier for the datasource. 

    You can supply a key-value pair to the keystore. However, the username and password key or value requires the datasource ID.

    EG. Datasource needs a username XYZ and password ABC 

    Key datasource1-username - internalIDXYZ

    Key datasource1-pw - internalIABC

    Why its there is to help with debugging complex issues as requested by support...

    Datasource 

  • Store the username key-value pair in the keystore.
  • Store the password key-value pair in the keystore.
    • To reference them, in the expressions, use ${_datasource.key}  where key is the key

    Step 3: Use:

    In an expression, specify 2 keys, one for the username and one for the password, using
        ${_datasource.key}  where key is the Name of the secret key.                                                                                            

    When you run analysis, PhixFlow looks for the specified key:

    • first in the associated HTTP datasource
    • then in the keystore.

    PhixFlow provides the de-encrypted value to authenticate to the external site.

    Note

    It is possible to create and to use a key without adding the associated value to:

    • either the local secret
    • or the keystore

    If you run analysis on a model containing an HTTP object that cannot find a value for a key, it will cause an error.


    Live Search
    spaceKey@self
    additionalnone
    placeholderSearch all help pages
    typepage

    Panel
    borderColor#00374F
    titleColorwhite
    titleBGColor#00374F
    borderStylesolid
    titleSections on this page

    Table of Contents
    maxLevel3
    indent12px
    stylenone

    Learn More

    For links to all pages in this topic, see Analysis Models for Batch Processing Data.

    Insert excerpt
    _terms_changing
    _terms_changing
    nopaneltrue