support: Customer Portal
Focused on delivering choice, investment protection and flexibility to organizations with valuable COBOL assets
 

Veryant Knowledge Base
Home > All Categories > Data Access > How to hide the user and password used to connect to an RDBMS
Question Title How to hide the user and password used to connect to an RDBMS

One of the key runtime properties used to connect to an RDBMS from isCOBOL is the iscobol.jdbc.url (among others). It is usually included in a text formatted properties file. For example, the following properties would be included to connect to an Oracle DB.

  iscobol.jdbc.url=jdbc:oracle:thin:orauser1/0raPw1@127.0.0.1:1521:xe
  iscobol.jdbc.driver=oracle.jdbc.OracleDriver
It is clear that the user "orauser1" and the password "0raPw1" are visible at plain sight.
However, by leveraging the ability of isCOBOL to set runtime properties dynamically, those could be hidden following these tips.

1. Create an ISAM file to store the user and password, including 1 field for each one. For example.
 fd  db-credentials.
 01  db-cred-rec.
     05 db-user     pic x(10).
     05 db-password pic x(16).

2. Create an isCOBOL program to save the user and password on that ISAM file, just as you would save any other data on an indexed file.
Instead, for the password you may use the "a$encrypt" system routine to encrypt it before saving. See the following excerpt.

    call "a$encrypt" using ws-password 
                           "thekey01"
                           db-password

3. Remove the iscobol.jdbc.url property from your text properties file.

4. On the connection program, before the CONNECT statement you will read the ISAM file and decrypt the password as follows.

    call "a$decrypt" using db-password 
                           "thekey01"
                           ws-password

5. Finally put together the jdbc.url property dynamically as follows, just before the CONNECT statement.

 connect-to-db.
    initialize ws-jdbc-url
    string "jdbc:oracle:thin:" delimited by size
           db-user delimited by trailing spaces
           "/" delimited by size
           ws-password delimited by trailing spaces
           "@127.0.0.1:1521:xe"
      into ws-jdbc-url
    end-string

    set environment "jdbc.url"
        to ws-jdbc-url

Authored by: Veryant Support This question has been viewed 217 times so far.
Click Here to View all the questions in Data Access category.
File Attachments File Attachments
How helpful was this article to you?
User Comments User Comments Add Comment
There are no user comments for this question. Be the first to post a comment. Click Here
Related Questions Related Questions
  1. File Types Comparison : isCOBOL - Micro Focus COBOL - ACUCOBOL-GT - RM/COBOL
  2. How do I interpret file status 9? and other EXFS extended file status codes (e.g. 9i,105)?
  3. What format does isCOBOL use for ORGANIZATION RELATIVE files?
  4. What is 9l,10 error and why is it happening?
  5. Does isCOBOL supports Data General file status codes?
  6. Can we use Micro Focus data format and indexed files directly or do they need some type of conversion?
  7. Can I install the UDBC 32 bit on my 64 bit computer in order to have the Veryant * driver for ODBC32 bits Administrator?
  8. Why do I get the error message “java.lang.ClassNotFoundException: ctree2" ?
  9. Can I call from an isCobol program a stored procedure?
  10. Why do I get 'ct_init ERROR 19:133:0' ?
  11. Did you know you can use an alias to map a different disk file name to an existing "assign to" clause of the select statement without source code changes?
  12. Did you know you can encrypt an indexed file?
Article Information Additional Information
Article Number: 297
Created: 2018-09-20 10:12 AM
Rating: No Rating
 
Article Options Article Options
Print Question Print this Question
Email Question Email Question to Friend
Export to Adobe PDF Export to PDF File
Export to MS Word Export to MS Word
Bookmark Article
Subscribe to Article Subscribe to Article
 
Search Knowledge Base Search Knowledge Base



 
 

© Veryant - All Rights Reserved
Veryant and isCOBOL are trademarks or registered marks of Veryant in the United States and other countries. All other marks are the property of their respective owners.