Obscure Data - Process Data Values Service
The Obscure Data - Process Data Values service inserts up to five preconfigured parameter name-value pairs into process data.
The following table provides an overview of the Obscure Data - Process Data Values service:
Category | Description |
---|---|
System name | ObscureParameter |
Graphical Process Modeler (GPM) category | All Services (as ObscureParameter) |
Description | Each instance of the Obscure Data - Process Data Values service can be used to insert up to five preconfigured parameter name-value pairs into process data. The values that are associated with each of the parameter names are masked by replacing the original content with an unintelligible version. The unobscured plain text value can be retrieved by using the revealObscured XPath function. |
Business usage | In Sterling B2B Integrator, the data processed by a business process (contents of process data, primary document), as it is being executed or after it has finished executing is readily available in plain text and easily viewable. The purpose of the Obscure Data - Process Data Values service is to help restrict access to sensitive data, such as passwords, etc., by masking them and converting the values to unintelligible ones. If you need to obscure the entire content of the primary document, use the Obscure Data - Obscure Primary Document service and if you only need to obscure certain elements in process data, use the Obscure Data - Process Data Values service. |
Usage example | Assume that a business process has been set up to route information based on the information stored in a secure repository. The security credentials (user ID, password, etc.) required to access the secure repository could be obscured while configuring the Obscure Data - Process Data Values service and retrieved only within the adapter used to establish a connection to the secure repository. |
Preconfigured? | Yes |
Requires third-party files? | No |
Platform availability | All supported Sterling B2B Integrator platforms |
Related services | This service is designed to work with the RevealObscured XPath function. See revealObscured XPath Function for more information. |
Application requirements | The parameter name-value pairs to be inserted into process data must be specified while configuring the service instance in Sterling B2B Integrator, in order to prevent unauthorized viewing of sensitive information in the Graphical Process Modeler (GPM) or the BPML code. |
Initiates business processes? | No |
Invocation | This service is invoked from within a business process. |
Business process context considerations | This service inserts the configured, and obscured, parameters into process data. It does not affect the primary document. |
Returned status values | Possible values:
|
Restrictions | None |
Persistence level | System default |
Testing considerations | None |
Implementing the Obscure Data - Process Data Values service
- Create an Obscure Data - Process Data Values service configuration. For information, see Managing Services and Adapters.
- Configure the adapter. For information, see Configuring the Obscure Data - Process Data Values service.
- Create and enable a business process that includes the Obscure Data - Process Data Values service.
- Test the business process and the service.
- Run the business process.
Configuring the Obscure Data - Process Data Values service
To configure the Obscure Data - Process Data Values service, you must specify field settings in Sterling B2B Integrator:
Field | Description |
---|---|
Name | Unique and meaningful name for the adapter configuration. Required. |
Description | Meaningful description for the adapter configuration, for reference purposes. Required. |
Select a Group | Select one of the options:
Note: For more information about groups, see Managing Services
and Adapters.
|
Parameter Name | Name of the obscured parameter. Obscure Data - Process Data Values service uses the value you specify for this parameter as the element name in the ProcessData of the business process. This service creates process data elements based on the name-value pairs. |
Parameter Value | Value of the obscured parameter. Obscure Data -
Process Data Values service encrypts the value you specify for this
parameter. The service uses the encrypted representation for the value
in ProcessData with the Parameter Name for the element. The following
example illustrates the encrypted value in an example of process data: This service creates process data
elements based on the name-value pairsNote: The value you specify
for this parameter must comply with the XML naming rules for XML elements
and XML syntax rules. For more information on XML conventions, see http://www.w3.org/XML/.
|
This service creates process data elements based on the name-value pairs provided during configuration. No Obscure Data - Process Data Values service parameters are configured with the GPM. To retrieve the unobscured parameter values, use the revealObscured XPath function.
revealObscured XPath Function
The revealObscured XPath function is used to retrieve values associated with the obscured parameter names, in plain text form.
The syntax and an example demonstrating the usage of the revealObscured XPath function is shown below:
Syntax:
revealObscured
(
Name of Obscured Parameter)
Example:
revealObscured(
obscuredPasswordParameterName)
The revealObscured XPath function can be used in an assign statement in a service invocation. For example, if a service requires a password passed from the workflow context, you could enter this password using the Obscure Data - Process Data Values service to prevent a plain text password from being passed in the business process. The following assign statement could be then used to pass the plain text password to the service.
<assign to="password" from="revealObscured(
ParameterName)"/>
Example Business Processes
The first example uses a single parameter in the Obscure Data - Process Data Values service to take a user's password, obscure it and add it to process data. In this case, the User ID is specified in the Parameter Name field and the associated password is specified in the Parameter Value field. See Configuring the Obscure Data - Process Data Values service for more information. Then, when needed in the business process, the revealObscured XPath function is used to retrieve the obscured password from process data in a plain text (unobscured) form. The User ID and password can then be used to perform some function, for example, access a system folder.
<process name=”Obscure_Data_Process_Data_Values_Example”>
<sequence>
<!-- Use the Obscure Data - Process Data Values service to add the obscured
password to process data for later retrieval and use in the business
process -->
<operation name="ObscureParameter">
<participant name="Example_Obscure_Param"/>
<output message="ObscureParameterInputMessage">
<assign to="." from="*"></assign>
</output>
<input message="inmsg">
<assign to="." from="*"></assign>
</input>
</operation>
INSERT OTHER BUSINESS PROCESS OPERATIONS HERE
<!-- Retrieve the obscured password from process data and unobscure it using
the revealObscured XPath function -->
<assign to="RevealedPassword" from="revealObscured(User ID)"append="true">
</assign>
<!-- Use the User ID and Password to gain access to a system folder -->
INSERT OTHER BUSINESS PROCESS OPERATIONS HERE
</sequence>
</process>
The next example uses the Obscure Data - Process Data Values service to obscure both the User ID and password and add them to process data. In this example, there will be two parameters specified. For the first parameter, UserID is specified in the Parameter Name field and the actual User ID is specified in the Parameter Value field. For the second parameter, Password is specified in the Parameter Name field and the password associated with the User ID is specified in the Parameter Value field. Then, when needed, the revealObscured XPath function is used to retrieve the two parameters from process data in a plain text (unobscured) form. The unobscured User ID and password are then available to be used as needed in the business process.
<process name=”Obscure_Data_Process_Data_Values_Example”>
<sequence>
<!-- Use the Obscure Data - Process Data Values service to add obscured
User ID and Password parameters to process data for later retrieval
and use in the business process -->
<operation name="ObscureParameter">
<participant name="Example_Obscure_Param"/>
<output message="ObscureParameterInputMessage">
<assign to="." from="*"></assign>
</output>
<input message="inmsg">
<assign to="." from="*"></assign>
</input>
</operation>
INSERT OTHER BUSINESS PROCESS OPERATIONS HERE
<!-- Retrieve unobscured UserID and Password values from process data using
the revealObscured XPath function -->
<assign to="RevealedUserID" from="revealObscured(UserID)"append="true">
</assign>
<assign to="RevealedPassword" from="revealObscured(Password)" append="true">
</assign>
<!-- Use the unobscured UserID and Password values as needed in your business
process -->
INSERT OTHER BUSINESS PROCESS OPERATIONS HERE
</sequence>
</process>