If you need to store passwords in AX there are some application objects, classes and attributes that you can use. This post details the steps you can take to allow entry of a password in a form, which will be stored in the database.
1. Add the password field to your table. This field should be of type ‘CryptoBlob’ which is a container that contains binary data:
2. Add an edit method for the password to your table:
02 | edit Password editPassword(boolean _set = false, Password _pwd = '') |
04 | CryptoBlob cryptoBlob = connull(); |
09 | this.Password = WinapiServer::cryptProtectData(str2cryptoblob(_pwd)); |
12 | return (this.Password == connull()) ? '' : 'xxxxxxxx'; |
3. Drag and drop the edit method to your form and ensure that the attribute ‘PasswordStyle’ is set to ‘Yes’:
4. To retrieve the password you will need a method similar to the following:
1 | static Password getPassword(UserId _userId) |
3 | CryptoBlob cryptoBlob = TutorialPasswordTable::find(_userId).Password; |
6 | return (cryptoBlob == connull()) ? '' : |
7 | cryptoblob2str(WinapiServer::cryptUnProtectData(cryptoBlob)); |
Disclaimer / Notice / Yada Yada
The safest way to handle passwords is not to store them in the database. The steps described in this post are better than storing the password in the database as plain text, but far from bulletproof. Please ensure that AX security is fully considered if using this method (Table level security, access to code / development etc)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.