Hitachi Vantara Pentaho Community Forums
Results 1 to 3 of 3

Thread: Passing encrypted password as an argument in a shell step

  1. #1
    Join Date
    Apr 2011
    Posts
    21

    Exclamation Passing encrypted password as an argument in a shell step

    Hi guys,

    I am trying to run a shell script from a PDI-job using the shell step. The script itself is connecting to a database, so I need to pass a user and password to the script. The password is encrypted and saved in a variable. But when the script is started I see that the password is not been decrypted!!! So the jo aborts with an error:

    INFO 14-09 10:46:39,993 - do_db2 - Running on platform : Linux
    INFO 14-09 10:46:39,993 - do_db2 - Executing command : /blah/blah/blah/.../do_db2 /blah/blah/blah/.../work sDIS Database Username Encrypted 2be98afc86aa7f2e4ad0ea650f9c3be83
    INFO 14-09 10:46:40,033 - do_db2 - (stdout) $1: /blah/blah/blah/.../work
    INFO 14-09 10:46:40,034 - do_db2 - (stdout) $2: sDIS
    INFO 14-09 10:46:41,062 - do_db2 - (stdout) SQL0104N An unexpected token "2be98afc86aa7f2e4ad0ea650f9c3be83" was found
    INFO 14-09 10:46:41,063 - do_db2 - (stdout) following "<identifier>". Expected tokens may include: "NEW".
    INFO 14-09 10:46:41,063 - do_db2 - (stdout) SQLSTATE=42601
    INFO 14-09 10:46:41,169 - do_db2 - (stdout) SQL1024N A database connection does not exist. SQLSTATE=08003


    Can anyone please help me solve thit problem! I am really totallName:  PDI.jpg
Views: 335
Size:  23.2 KBy desperated

    Kind regards
    Last edited by DGeorgieva; 09-14-2011 at 08:15 AM.

  2. #2
    Join Date
    Apr 2011
    Posts
    21

    Default

    OK, no ideas!!!

    I found a workaround here:

    http://forums.pentaho.com/showthread...tion-of-fields

    But this is still an issue and I think it have to be fixed in PDI.

    Another problem I see in this step comes with the "Script file name" field. It is not that optimal to always have to include the full path ot the file, because a user might wanna use the UNIX search path and start the script from anyware on ther machine. That way it is not going to work due to the insertion of ${user.dir}.

    Kind regards

  3. #3
    Join Date
    Nov 1999
    Posts
    9,729

    Default

    You decided to obfuscate the password, not PDI. Security-wise it's best to keep the password in obfuscated form until right before it is used in a step.

    For the other issue: you're probably using an older version of PDI since it works fine in recent versions.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Privacy Policy | Legal Notices | Safe Harbor Privacy Policy

Copyright © 2005 - 2019 Hitachi Vantara Corporation. All Rights Reserved.