Project and Portfolio Management Practitioners Forum
cancel

Is it possible to set a token without showing the output in PPM execution log?

Highlighted
bzdafro
Honored Contributor.

Is it possible to set a token without showing the output in PPM execution log?

Hi

 

I would like to retrieve a password from a 3rd party tool and pass it to a script.   In order to do this, I need to run a command which will output the password.   I dont want it to show in the execution log.   The only way I can think to do this is redirect the password to a file, then copy the contents of the file to a token.   However, this would require me to cat the file, then use exec_output, which would reveal the password in the log.   Is there any way to get the password into a password token without having it display in PPM?

 

something like this, but without revealing the password in the log.

cat password.txt

ksc_store [P.SECRET] = [EXEC_OUTPUT] 

 

or this (but I know this is not possible)

retrieve password from safe > [P.SECRET]

 

 

4 REPLIES
Erik Cole
Acclaimed Contributor.

Re: Is it possible to set a token without showing the output in PPM execution log?

Hey...what about handling all the password retrieval inside a script. PPM just calls the script, it calls the other one or whatever, passes back the end result...

Oscar_Pereira
Honored Contributor.

Re: Is it possible to set a token without showing the output in PPM execution log?

 ksc_store will always show the password in the log.  As Erick said, using a script and handling all the logic inside this script to store the password in the token. Then pass the result to the second script

 

bzdafro
Honored Contributor.

Re: Is it possible to set a token without showing the output in PPM execution log?

I follow what your saying about the script.  However I need to store the value into a PPM token.  Can I run a script that has ksc_store in it?  I believe this is a PPM  command and can only be run from PPM , and not within a script.   

Jim Esler
Acclaimed Contributor.

Re: Is it possible to set a token without showing the output in PPM execution log?

You are correct that ksc_store cannot be run within a script. You will need to store the value directly in the database:

 

1) Define the field with the Password Field validation.

2) In the script that retrieves the password value, use kEncrypt.sh to encrypt it. Strip off the string #!# that this script places at the start and end of the encrypted value.

3) Place the encoded password value in a sql script that writes the value directly to the proper location in the kcrt_request_details table for the request. Execute this sql script with one of the ksc special commands or with sqlplus.

4) Flush the Requests cache.