Accessing credentials from user Java code
You can access credentials from user Java™ code by editing the Java Compute Node Class in a JavaCompute node.
Before you begin
Create a JavaCompute node in your message flow.
Procedure
Enable credential lookups from user Java code by completing the following steps:
- Create Java code for a JavaCompute node as described in Creating Java code for a JavaCompute node.
- Add user code to implement your required lookup method on MbCredential by adapting one of
the following patterns:
- Use and adapt the following pattern if you have no requirement for updates or performance from
caching:
// ---------------------------------------------------------- // Add user code below { // Lookup pattern 1, don't care about updates or performance from caching, // lookup on each use, minimal exception handling String username; char[] password; outerLoop : while (true) { MbCredential myCred; try { myCred = MbCredential.getCredential("ODBC", "myDSN"); } catch (MbException e) { throw new RuntimeException("Something went wrong during credential lookup", e); } if (myCred == null) { throw new RuntimeException("Credential cannot be found"); } try { Map<String, char[]> credentialProperties = myCred.reloadAndRetrieveProperties(); if (credentialProperties.containsKey(MbCredential.USERNAME)) username = new String(credentialProperties.get(MbCredential.USERNAME)); if (credentialProperties.containsKey(MbCredential.PASSWORD)) password = credentialProperties.get(MbCredential.PASSWORD); break outerLoop; } catch (MbCredentialDeletedException cde) { // oh dear, sad times our original credential has been deleted username = null; password = null; // We can try a new lookup to see if it exists somewhere else in the system in a different provider myCred = null; } } } // End of user code // ----------------------------------------------------------
- Use and adapt the following pattern if you require full control over updates by using easy
access to properties. You need to deal with exception handling to complete this pattern:
// ---------------------------------------------------------- // Add user code below // Declare in outer scope MbCredential myCred = null; String username = null; char[] password = null; // Then on each message boolean reloadCredentialProperties = false; if (myCred != null) { try { reloadCredentialProperties = myCred.hasBeenUpdated(); } catch (MbCredentialDeletedException cde) { myCred = null; // Force a new lookup } } if (myCred == null) { // First time through or after delete, we perform a lookup try { myCred = MbCredential.getCredential("ODBC", "myDSN"); } catch (MbException e) { throw new RuntimeException("Something went wrong during credential lookup", e); } if (myCred == null) { throw new RuntimeException("Credential cannot be found"); } reloadCredentialProperties = true; } if (reloadCredentialProperties) { boolean success = false; do { try { myCred.reload(); Map<String, char[]> credentialProperties = myCred.retrieveProperties(); if (credentialProperties.containsKey(MbCredential.USERNAME)) username = new String(credentialProperties.get(MbCredential.USERNAME)); if (credentialProperties.containsKey(MbCredential.PASSWORD)) password = credentialProperties.get(MbCredential.PASSWORD); // etc.... success = true; } catch (MbCredentialUpdatedException cue) { // oh dear, have another go username = null; password = null; } catch (MbCredentialDeletedException cde) { // oh dear, sad times our original credential has been deleted username = null; password = null; // We can try a new lookup to see if it exists somewhere else in the system in a different provider try { myCred = MbCredential.lookupCredential("ODBC", "myDSN"); } catch (MbException e) { throw new RuntimeException("Something went wrong during credential lookup", e); } if (myCred == null) { throw new RuntimeException("Credential has been deleted"); } } } while(!success); } } // End of user code // ----------------------------------------------------------
- Use and adapt the following pattern if you require full control over updates by using access
methods. You need to deal with exception handling to complete this pattern:
// ---------------------------------------------------------- // Add user code below { // Lookup pattern 3. Full control over updates using access methods, // Need to deal with exception handling to be complete // Declare in outer scope MbCredential myCred = null; String username = null; char[] password = null; // Then on each message boolean reloadCredentialProperties = false; if (myCred != null) { try { reloadCredentialProperties = myCred.hasBeenUpdated(); } catch (MbCredentialDeletedException cde) { myCred = null; // Force a new lookup } } if (myCred == null) { // First time through or after delete, we perform a lookup try { myCred = MbCredential.getCredential("ODBC", "myDSN"); } catch (MbException e) { throw new RuntimeException("Something went wrong during credential lookup", e); } if (myCred == null) { throw new RuntimeException("Credential cannot be found"); } reloadCredentialProperties = true; } if (reloadCredentialProperties) { boolean success = false; do { try { myCred.reload(); if (myCred.hasUsername()) username = new String(myCred.username()); if (myCred.hasPassword()) password = myCred.password(); // etc.... success = true; } catch (MbCredentialUpdatedException cue) { // oh dear, have another go username = null; password = null; } catch (MbCredentialDeletedException cde) { // oh dear, sad times our original credential has been deleted username = null; password = null; // We can try a new lookup to see if it exists somewhere else in the system in a different provider try { myCred = MbCredential.lookupCredential("ODBC", "myDSN"); } catch (MbException e) { throw new RuntimeException("Something went wrong during credential lookup", e); } if (myCred == null) { throw new RuntimeException("Credential has been deleted"); } } } while(!success); } } // End of user code // ----------------------------------------------------------
- Use and adapt the following pattern if you have no requirement for updates or performance from
caching:
- Update the server.conf.yaml file as follows:
- In the
Credentials
section, enable userRetrievableCredentialTypes and set the value to'userdefined'
,''
, or'ALL'
as required. -
Credentials: userRetrievableCredentialTypes: 'userdefined' # Sets the comma-separated list of credential types that user code is allowed to reference. # Default is 'userdefined'. # The list can be empty to disallow credential lookups from user code. # Set the value to 'ALL' to allow access to credentials of any type from user code.
- In the