How to encrypt user password stored in database : YCPValidateChangedPasswordUE

Troubleshooting

Problem

Symptom

MCF/SSCAP stores user password in YFS_USER table. Anyone having access to database can get password for any user.

How can password stored in YFS_USER table be encrypted?

Resolving The Problem

User needs to implement the YCPValidateChangedPasswordUE for password encryption. This user exit returns the encrypted password. This user exit will be called whenever createUserHierarchy/manageUserHierarchy API is called to create/update information about user. For password encryption one needs to write relevant custom logic inside this user exit. Password in the database will be stored in encrypted form (password returned by this user exit). IS_PASSWORD_ENCRYPTED column will be set to Y when this user exit is invoked for the user.

User also needs to implement the YCPCheckPasswordsMatchUE user exit to validate the password. Input of this user exit will have password entered by the user (GivenPassword) and encrypted password in database (ExistingPassword).
User needs to use the same custom logic used for encryption to compare these passwords. If both the passwords match then PasswordsMatch=”Y” else PasswordsMatch=”N” should be returned.

[{"Product":{"code":"SS6PEW","label":"IBM Sterling Order Management"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Component":"Not Applicable","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]

Historical Number

NFX5551

Product Synonym

[]Function Area[];User login security;[]Severity[];Normal;[]Type[];NormalFix

Tips

How to encrypt user password stored in database : YCPValidateChangedPasswordUE

Troubleshooting

Problem

Symptom

Resolving The Problem

Historical Number

Product Synonym

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?