Posted: 9 Jun 2017 2:07 EDT Last activity: 6 Nov 2018 20:02 EST
Pega Robotics Studio 8: password management for automations
When logging in to various systems or opening protected Excel files, the password is required and till now usually hard coded within the automation. Apart from having bad maintainability, we also noticed the password is written to the log files; for example, the following automation snippet:
produces the following log line:
Info | 12:56:57.516 午後 | 1 | STA | Automation | trilogy_login | Project1 | Automation: trilogy_login propagating From: trilogy_login.password.Value To client_text_input.client_text_input._EntryPointExecute().param2 Value: Pxxxxxxxxx
This is at "Info" log level, so the only way to stop the password appearing in clear text in the log would be to set the log to "Error" level which would make operational troubleshooting much more difficult. Ideally we would like just this one control to not log, but all other controls and/or automations to log at Info level - is there a way to do this?
More generally, what are Robotics' best practices for managing passwords? As mentioned, it's best for it to not be hard coded and we thought of managing the passwords in an Excel file, but that Excel file is also password protected and its location and password will appear in the log files
**Moderation Team has archived post**
This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.
You can right click and mark that data line as sensitive. And see how the password looks like.
Normally , we ask the user to provide the password in the very beginning " after start up of automation" so that we can keep it on a credential store, or keep in a encrypted file ".net based" or in ASO "Assisted Sign On" . so that OpenSpan can use it through out the automation life cycle.
Note: We do delete the respective password store folders when runtime exits
Thank you! That is exactly the answer that our customer needed. I have marked this as answered.
Slight deviation from the main aim of this article, but any general best practices for password management would still be welcome: in general maintaining passwords outside is better than hard-coding, but even the password management system would require a password which itself would end up being hardcoded. The only way to avoid hard coding any passwords, saving them in clear text, or prompting the user for it, would be some sort of IdP as in SSO? Is there anything like that in the Robotics world?
Look at the ASOManager component. ASOManager (Assisted Sign On) allows you to store user IDs and passwords in an encrypted data store in the user profile. This is encrypted with MSDPAPI which means it is directly tied to the user's profile and password.
This component provides dialogs for maintaining credentials and methods for setting and getting credentials.