Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change
 
PerlMonks  

comment on

( [id://3333]=superdoc: print w/replies, xml ) Need Help??
I've done a bit of searching here on this topic, but either I'm not asking myself the right question or I'm missing something. I have a script that accesses a Windows app via COM API. The app requires a connection that includes a user name/password to authenticate so you can access and do what you need to do. Currently, the user ID/password are hard coded into the script so anyone on my team who uses the script does the work as that user instead of their own account. I've initiated a request to our vendor to address this so that we can use something like the "currently logged on user" for our authentication via the COM API (this is functionality availble in the GUI front-end but not apparently in the COM API objects we can access). Not sure when this will get done. In the meantime, I'd revising things so that when a user runs the script, it will prompt them for their user ID and then password which would then be passed in to authenticate the connection. My question: is there a good/recommended way to prompt a user for a password and then hash it or do something so that the password is not kept in clear text but can be passed for authenticating the connection to the app. The audience on this functionality is extremely limited to myself and my two co-workers (no one else would be able to run and administer the application using these scripts). I'm really not sure where to begin beyond setting the script up to prompt for user ID/password. Here is what I have at the moment:
use strict; use warnings; use Win32::OLE; use Data::Dumper; ## specify EFT connection information. If the eftadmin password change +s, it needs to be changed here as well. our $domain='OurDomain\\'; our $pass; our $user; CONNECTION: { print "Account ID? "; chomp (my $s_id=<STDIN>); $user=$domain . $s_id; print "Using $user to authenticate.\n"; print "Password? "; chomp (my $pass=<STDIN>); print "Password: $pass\n"; }
One thought I had would be to make the connection right away and then change the value of $pass to some garbage (or set it to undef or something like that so it's no longer valid - it would only be needed once to make the connection - the code to make the connection has not been included in this sample). If there's something I can look at to figure out my issue, please let me know (I'm not looking for a specific answer - just some place I can go to find an answer - or suggestions). If possible, I'd like to avoid having to load additional modules (unless that is the best answer). Thanks in advance

In reply to Masking Windows Passwords by nimdokk

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":



  • Are you posting in the right place? Check out Where do I post X? to know for sure.
  • Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
    <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
  • Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
  • Want more info? How to link or How to display code and escape characters are good places to start.
Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others chilling in the Monastery: (4)
As of 2024-03-29 05:25 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found