After doing more research I now have the following question. Is there a way to avoid hard coding the passwords into the ini file when using EntireX Security and Natural Security?
I know how to restrict access to the NWW interface at the HTTP Server; however, our environment cycles passwords every 30 days and hard coding the EntireX security password into the .ini file is not feasible.
Please see what SAG documentaion has to say. Are there any other options?
Communication with Natural Security
The new version EntireX Broker SDK supports the usage of two passwords and userids.
The first userid is used to get access through EntireX Security and the second for Natural Security.
The HTTP Server Security is involved as a third security system.
HTTP Server Security:
Restrict the access of the NWW interface at your HTTP Server. For details, refer to your HTTP server documentation.
In the configuration File the NWW_USER_ID, NWW_PASSWORD has to be specified.
A second UserId/Password (RPC_USER_ID, RPC_PASSWORD) has to be set.
If the parameter USE_REMOTE_USER is activated, the RPC_USR_ID will be set/overwritten. The RPC_PASSWORD remains unchanged.
It is necessary to setup Natural Security with “AUTO=ON” to pass security without Password. If no RPC_USER_ID/RPC_PASSWORD pair is set, the NWW_USER_ID/NWW_PASSWORD will be used to enshure the compatibility with the existing implementation.