In the tests with Ride that i have to run (not written by me), there is a variable which holds the password to a server (i can Putty to it). this password changes once per 3 months. This time unfortunately the password begins with hash sign. so when i try ti add the value to this variable using Ride, it modifies it and place it as a COMMENT for that variable and it doesn't consider it as its VALUE.
Is there anyway that i can do to assign to this pass a value begining with #?
Variable:${Pass_SSH_intA}
Password value:#34(]
Thank you
Related
After testing and ensuring my Send_email function authenticates successfully using the hardcoded user and password in the SQL Table, I am now trying to Hash the password.
the way my columns are set up is something like this:
variable | value
password | someP#ssword
the columns are varchar both, with the value column being 1000 length (is that too much? i set it to that much cause i read that sha 512 requires a lot of length or something, and seen examples using 1000 at least so went with that)
I am using this query to hash,
INSERT INTO [dbo].[Table] (value)
VALUES(HASHBYTES('SHA2_512', 'someP#ssword'))
but it generates a nonbinary hash, which i am suspecting is why i am receiving this error of email authentication failed because it probably cant decipher the nonbinary password characters. but the problem is i have other values in the value column, so i can't convert the whole column to varbinary.
so is there a way to hash the password that is hardcoded or i have to insert it as hash? or is there a way i can convert just that particular field/cell without having to alter the rest of the design of the value column so it wont affect other values in there as well? or am i supposed to create a completely separate column for password and set it to binary?
EDIT: I have to pass the password in this email function call for authentication:
Send-EMail -EmailFrom $From_Email -SendTo $To_Email -Body $Email_Body -Subject $Job_Success_Email_Subject -Username $SmtpUser -Password $SmtpPassword
but Von in the comment said i can't pass the hashed password in there as credential. then that means i have to keep it nonhashed in the table? i thought hashing would work perfectly in this situation...
It looks like you have been confused by the irrelevant discussion in the comments above.
First of all: hashed password would not work in your Send-EMail function as the function has no way of "unhashing" said password. Read this introduction to Hashing vs Encryption.
If you want to secure your password and be able to retrieve original value you will need to encrypt it. The topic of encryption is quite large and way outside the scope of what can be written in SO. I will provide a few links for you to read:
http://www.manjuke.com/2018/03/data-encryption-in-sql-server-using-t.html
https://learn.microsoft.com/en-us/sql/relational-databases/security/encryption/encrypt-a-column-of-data?view=sql-server-2017
https://learn.microsoft.com/en-us/sql/relational-databases/security/encryption/sql-server-and-database-encryption-keys-database-engine?view=sql-server-2017
Encryption by pass phrase would be the simplest to implement but also weakest as anyone reading the code of an SP will find out the pass phrase and therefore can decrypt data. Note that pass phrase itself can be passed into ENCRYPTBYPASSPHRASE as a parameter, allowing you to store it (securely) elsewhere outside the database i.e. you don't have to hard code in your SP code. You will need to implement pass phrase storage method yourself if you decide to go this way.
Encryption using keys and certificates offers a very secure method but requires some time to set-up in addition to very carefully backing up your keys. If you loose your keys your data is gone i.e. you can never decrypt it.
As far as storing binary data in varchar column goes - easy, here is an example:
DECLARE #BinValue VARBINARY( 500 ) = HASHBYTES('SHA2_512', 'someP#ssword')
DECLARE #StringBinValue VARCHAR( 500 ) = CONVERT( VARCHAR( 500 ), #BinValue, 1 )
SELECT #BinValue, #StringBinValue, CONVERT( VARBINARY( 500 ), #StringBinValue, 1 ) AS BackToString
I have used your original HASHBYTES function as an example but you will need to change it to an encryption function.
Hope this clarifies things for you.
I have OdiOSCommand with command :
OdiOSCommand "-ERR_FILE=/home/oracle/jmt.err" "-WORKING_DIR=#PROJECT_DIR" "-SYNCHRONOUS=YES" "-CAPTURE_OUT_STREAM=ON_ERROR[NONE]" "-CAPTURE_ERR_STREAM=ON_ERROR[NONE]"
#TEMP = "hello world !"
But this way of assigning doesn't work.
The same problem is in echo "something" > #TEMP . This won't do anything.
#TEMP still contains only default value.
Do I need special syntax to manipulate ODI Variables in commands ?
Could you give me example how can I assign value to ODI variable ?
Thank you very much.
No other ways to change an ODI variable except two possibilities:
use Variable step with type Refresh Variable
use Variable step with type Set Variable
Drag and drop Variable into a package and choose proper type on General tab in Properties window.
If you are looking for more flexible mechanism for storing values in the memory during the session, you may use Java BeanShell substitutions. Anywehere you can write
<#TEMP="Hello world!"#>
This substitution will disappear on execution, but TEMP variable will keep assigned value while session is running. Somewhere in further steps you can write
<#=TEMP#>
And now the substitution is replaced by current value of the variable. You may use such constructions in ODI variable assignment or refreshment as well.
I've tried to write a regular expression for validating administrator login password complexity for Azure SQL Database server. Based on the documentation here:
and with the help of this link, I have come up with following pattern to validate the password complexity:
^((?=.*[A-Z])(?=.*\d)(?=.*[\~\`\!\#\#\$\%\^\&\*\(\)\-\_\+\=\{\[\}\]\|\\\:\;\"\'\<\,\>\.\?\/])|(?=.*[a-z])(?=.*\d)(?=.*[\~\`\!\#\#\$\%\^\&\*\(\)\-\_\+\=\{\[\}\]\|\\\:\;\"\'\<\,\>\.\?\/])|(?=.*[a-z])(?=.*\d)(?=.*[A-Z])|(?=.*[a-z])(?=.*[\~\`\!\#\#\$\%\^\&\*\(\)\-\_\+\=\{\[\}\]\|\\\:\;\"\'\<\,\>\.\?\/])(?=.*[A-Z]))[a-zA-Z\d\~\`\!\#\#\$\%\^\&\*\(\)\-\_\+\=\{\[\}\]\|\\\:\;\"\'\<\,\>\.\?\/]{8,128}$
This one obviously doesn't deal with the 1st scenario (password does not contain the account name of the user) but all other things are covered and based on my testing it works.
However I am curious to know if this can be improved somehow. One thing I am thinking is that I can remove literal character (\) for some of the non-alphanumeric characters.
Any other things I can do to improve this pattern?
Here's a few thing you can do:
Remove useless escaping within brackets:
[~`!##$%^&*()\-_+={[}\]|\\:;"'<,>.?\/]
introduce a variable to avoid repetition on the previous group. If you want to allow in the future another special char it would be easier to change.
change a-zA-Z\d_ to \w.
put it multi-line for readability (though I'm not sure that it's supported).
Which would give:
^(
(?=.*[A-Z])(?=.*\d)(?=.*[~`!##$%^&*()\-_+={[}\]|\\:;"'<,>.?\/])
|(?=.*[a-z])(?=.*\d)(?=.*[~`!##$%^&*()\-_+={[}\]|\\:;"'<,>.?\/])
|(?=.*[a-z])(?=.*\d)(?=.*[A-Z])
|(?=.*[a-z])(?=.*[~`!##$%^&*()\-_+={[}\]|\\:;"'<,>.?\/])(?=.*[A-Z])
)
[\w~`!##$%^&*()\-+={[}\]|\\:;"'<,>.?\/]{8,128}$
Note 1: If by Non-alphabetic characters you meant anything that is not a letter or a number, switch to \W.
Note 2: As of now, your regex will not allow the user to use accentuated chars
I've tried to add a new user with phpmyadmin of my host but it didn't work. After I
add a new record in user table (same of other users info) and tried to login with
my new username to the MediaWiki, the system said user doesn't exist.
Don't touch the database manually, if you need to do this server-side, there's a script for that called createAndPromote.php in maintenance/.
If you want to import many user at a time ,you can use ImportUsers extension, it allows you to import a CSV file (with user list) into the system.
You can not insert records in User table for it has a password field which being encrypted by a PHP function.But for other tables like tw_group or user_groups,you can change it directly in database.
Was evaluating BlueSpice (based on MediaWiki) and came to that point, too.
Problem in my case was: In table user, column user_name, entries must have capital first letter! E.g.
|user_name|
|test |
is not working.
|user_name|
|Test |
is working.
Also, regarding the "password" problem mentioned in the other answer: You can create it by yourself. Here's a quick and dirty solution using some webtools.
Create random hex for salt (32 bit)
https://www.browserling.com/tools/random-hex
Turn salt to base64
https://base64.guru/converter/encode/hex
Create key from password (30000 Iterations; dkLen 512; PBKDF2WithHmacSHA512)
https://8gwifi.org/pbkdf.jsp
Create Key String (replace >>XX<< with the values from above)
:pbkdf2:sha512:30000:64:>>SALT_IN_BASE64<<:>>KEY_STRING<<
Ps: For the user_token I used a random 32bit hex.
Be extremely careful when making direct changes to the database. Always test extensively. This is not for newbies who copy from StackOverflow without understanding what they are doing!
I'm trying to insert an email address with a comma in it (and it has to be entered that way) and I'm currently stumped on how to properly insert the exact text into this cell.
The e-mail address that needs to be entered as/is:
joe,.E.Blow#someemail.com
What I've tried is work different escape patterns into the code. For example, this...
'''joe'''+','+'''.E.Blow#someemail.com'''
gets entered into the database as...
'joe','E.Blow#someemail.com'
I've tried different combinations with single and double quotes and it can't even get past a simple parse without errors.
What is the best way to go about getting the email address entered as noted above? I know it's something simple but I'm just spinning my wheels here.
the solution is simple:
for example: joe,.E.Blow#someemail.com
SEE FIDDLE