Storing passwords using AX


If you need to store passwords in AX there are some application objects, classes and attributes that you can use.  This post details the steps you can take to allow entry of a password in a form, which will be stored in the database.
Password form
1.  Add the password field to your table. This field should be of type ‘CryptoBlob’ which is a container that contains binary data:
Password table field
2. Add an edit method for the password to your table:
01//BP Deviation Documented
02edit Password editPassword(boolean _set = false, Password _pwd = '')
03{
04    CryptoBlob cryptoBlob = connull();
05    ;
06 
07    if (_set)
08    {
09        this.Password = WinapiServer::cryptProtectData(str2cryptoblob(_pwd));
10    }
11 
12    return (this.Password == connull()) ? '' 'xxxxxxxx';
13}
3. Drag and drop the edit method to your form and ensure that the attribute ‘PasswordStyle’ is set to ‘Yes’:
Password form control
4. To retrieve the password you will need a method similar to the following:
1static Password getPassword(UserId _userId)
2{
3    CryptoBlob cryptoBlob = TutorialPasswordTable::find(_userId).Password;
4    ;
5 
6    return (cryptoBlob == connull()) ? '' :
7                cryptoblob2str(WinapiServer::cryptUnProtectData(cryptoBlob));
8}
 
Disclaimer / Notice / Yada Yada 
The safest way to handle passwords is not to store them in the database. The steps described in this post are better than storing the password in the database as plain text, but far from bulletproof. Please ensure that AX security is fully considered if using this method (Table level security, access to code / development etc)

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.