We have received a request from client and want to check its feasibility on the same. Ask is to use flow services - pub.security.outboundPasswords:setPassword & pub.security.outboundPasswords:getPassword for enhancing the security of all the VFS Folders connection’s credential. Can anyone please suggest if its doable and if so what approach one should follow for the same ?
The folder pub.security.outboundPasswords has services that let you manage your outbound passwords by providing a store to store and retrieve passwords, Please refer the usage notes for services pub.security.outboundPasswords:setPassword , getPassword and (not to forget) pub.security.outboundPasswords:removePassword for details on how to use them. It highlights some basic processes.
Can you please elaborate on this statement? Enhancing security can mean a lot of things and can be implemented in a ton of ways, surely it is not only about secure password management. But it does depend upon your requirements.
Thanks @Nagendra_Prasad_A_R for the response. As all entry on MFT Event/VFS(username, password etc.) stored in database(installation) on some table so idea was to check whether we can use above services to secure password even before they are getting stored in default DB.
I’m not a security expert, but it looks like your concern is about storing data directly in database , the public outboundpassword services let you manage passwords in a store separate from the DB, not sure how they can help you secure password before storing in DB.
Perhaps someone with expertise with MFT/ security can add more thoughts here.