Troubleshooting
Problem
How to encrypt user password stored in database : YCPValidateChangedPasswordUE
Symptom
MCF/SSCAP stores user password in YFS_USER table. Anyone having access to database can get password for any user.
How can password stored in YFS_USER table be encrypted?
Resolving The Problem
User needs to implement the YCPValidateChangedPasswordUE for password
encryption. This user exit returns the encrypted password. This user exit will
be called whenever createUserHierarchy/manageUserHierarchy API is called to
create/update information about user. For password encryption one needs to
write relevant custom logic inside this user exit. Password in the database
will be stored in encrypted form (password returned by this user exit).
IS_PASSWORD_ENCRYPTED column will be set to Y when this user exit is invoked
for the user.
User also needs to implement the
YCPCheckPasswordsMatchUE user exit to validate the password. Input of this user
exit will have password entered by the user (GivenPassword) and encrypted
password in database (ExistingPassword).
User needs to use the same
custom logic used for encryption to compare these passwords. If both the
passwords match then PasswordsMatch=”Y” else
PasswordsMatch=”N” should be returned.
Historical Number
NFX5551
Product Synonym
[<p><b>]Function Area[</b><p>];User login security;[<p><b>]Severity[</b><p>];Normal;[<p><b>]Type[</b><p>];NormalFix
Was this topic helpful?
Document Information
Modified date:
16 June 2018
UID
swg21558623