Accessing credentials from user Java code

You can access credentials from user Java™ code by editing the Java Compute Node Class in a JavaCompute node.

Before you begin

Create a JavaCompute node in your message flow.

Enable credential lookups from user Java code by completing the following steps:

1. Create Java code for a JavaCompute node as described in Creating Java code for a JavaCompute node.
2. Add user code to implement your required lookup method on MbCredential by adapting one of the following patterns:
   • Use and adapt the following pattern if you have no requirement for updates or performance from caching:

     
     // ----------------------------------------------------------
     // Add user code below
     {
     // Lookup pattern 1, don't care about updates or performance from caching,
     // lookup on each use, minimal exception handling
     
     String username;
     char[] password;
     
     outerLoop : while (true) {
     MbCredential myCred;
     try {
     myCred = MbCredential.getCredential("ODBC", "myDSN");
     } catch (MbException e) {
     throw new RuntimeException("Something went wrong during credential lookup", e);
     }
     if (myCred == null) {
     throw new RuntimeException("Credential cannot be found");
     }
     try {
     Map<String, char[]> credentialProperties = myCred.reloadAndRetrieveProperties();
     
     if (credentialProperties.containsKey(MbCredential.USERNAME))
     username = new String(credentialProperties.get(MbCredential.USERNAME));
     
     if (credentialProperties.containsKey(MbCredential.PASSWORD))
     password = credentialProperties.get(MbCredential.PASSWORD);
     
     break outerLoop;
     
     } catch (MbCredentialDeletedException cde) {
         // oh dear, sad times our original credential has been deleted
     username = null;
     password = null;
     // We can try a new lookup to see if it exists somewhere else in the system in a different provider
     myCred = null;
     }
     }
     }
     // End of user code
     // ----------------------------------------------------------

   • Use and adapt the following pattern if you require full control over updates by using easy access to properties. You need to deal with exception handling to complete this pattern:

     
     // ----------------------------------------------------------
     // Add user code below
     
     // Declare in outer scope
     MbCredential myCred = null;
     String username = null;
     char[] password = null;
     
     
     // Then on each message
     boolean reloadCredentialProperties = false;
     if (myCred != null) {
     try {
     reloadCredentialProperties = myCred.hasBeenUpdated();
     } catch (MbCredentialDeletedException cde) {
     myCred = null; // Force a new lookup
     }
     }
     if (myCred == null) {
     // First time through or after delete, we perform a lookup
     try {
     myCred = MbCredential.getCredential("ODBC", "myDSN");
     } catch (MbException e) {
     throw new RuntimeException("Something went wrong during credential lookup", e);
     }
     if (myCred == null) {
     throw new RuntimeException("Credential cannot be found");
     }
     reloadCredentialProperties = true;
     }
     
     if (reloadCredentialProperties) {
     boolean success = false;
     do {
     try {
     myCred.reload();
     Map<String, char[]> credentialProperties = myCred.retrieveProperties();
     
     if (credentialProperties.containsKey(MbCredential.USERNAME))
     username = new String(credentialProperties.get(MbCredential.USERNAME));
     
     if (credentialProperties.containsKey(MbCredential.PASSWORD))
     password = credentialProperties.get(MbCredential.PASSWORD);
     
     // etc....
     
     success = true;
     } catch (MbCredentialUpdatedException cue) {
         // oh dear, have another go
     username = null;
     password = null;
     } catch (MbCredentialDeletedException cde) {
         // oh dear, sad times our original credential has been deleted
     username = null;
     password = null;
     // We can try a new lookup to see if it exists somewhere else in the system in a different provider
     try {
     myCred = MbCredential.lookupCredential("ODBC", "myDSN");
     } catch (MbException e) {
     throw new RuntimeException("Something went wrong during credential lookup", e);
     }
     if (myCred == null) {
     throw new RuntimeException("Credential has been deleted");
     }
     }
     } while(!success);
     }
     }
     // End of user code
     // ----------------------------------------------------------

   • Use and adapt the following pattern if you require full control over updates by using access methods. You need to deal with exception handling to complete this pattern:

     
     // ----------------------------------------------------------
     // Add user code below
     {
     // Lookup pattern 3. Full control over updates using access methods,
     // Need to deal with exception handling to be complete
     
     // Declare in outer scope
     MbCredential myCred = null;
     String username = null;
     char[] password = null;
     
     
     // Then on each message
     boolean reloadCredentialProperties = false;
     if (myCred != null) {
     try {
     reloadCredentialProperties = myCred.hasBeenUpdated();
     } catch (MbCredentialDeletedException cde) {
     myCred = null; // Force a new lookup
     }
     }
     if (myCred == null) {
     // First time through or after delete, we perform a lookup
     try {
     myCred = MbCredential.getCredential("ODBC", "myDSN");
     } catch (MbException e) {
     throw new RuntimeException("Something went wrong during credential lookup", e);
     }
     if (myCred == null) {
     throw new RuntimeException("Credential cannot be found");
     }
     reloadCredentialProperties = true;
     }
     
     if (reloadCredentialProperties) {
     boolean success = false;
     do {
     try {
     myCred.reload();
     if (myCred.hasUsername())
     username = new String(myCred.username());
     if (myCred.hasPassword())
     password = myCred.password();
     // etc....
     success = true;
     } catch (MbCredentialUpdatedException cue) {
         // oh dear, have another go
     username = null;
     password = null;
     } catch (MbCredentialDeletedException cde) {
         // oh dear, sad times our original credential has been deleted
     username = null;
     password = null;
     // We can try a new lookup to see if it exists somewhere else in the system in a different provider
     try {
     myCred = MbCredential.lookupCredential("ODBC", "myDSN");
     } catch (MbException e) {
     throw new RuntimeException("Something went wrong during credential lookup", e);
     }
     if (myCred == null) {
     throw new RuntimeException("Credential has been deleted");
     }
     }
     } while(!success);
     }
     }
     // End of user code
     // ----------------------------------------------------------

3. Update the server.conf.yaml file as follows:
   1. In the Credentials section, enable userRetrievableCredentialTypes and set the value to 'userdefined', '', or 'ALL' as required.

   2. 
      Credentials:
      userRetrievableCredentialTypes: 'userdefined' # Sets the comma-separated list of credential types that user code is allowed to reference.
                                                    # Default is 'userdefined'.
                                                    # The list can be empty to disallow credential lookups from user code.
                                                    # Set the value to 'ALL' to allow access to credentials of any type from user code.