This thread is kinda old already, but i just implemented an okay workaround for this topic. I created a new "PREP_PROCESS-Event" which does the decryption. The fun part is, that the decrypted password cannot be seen anywhere (e.g. as object variable or in reports), yet it is available to you in a script variable.
Content of the object, in this case called EVENT.PWDECRYPT:
:beginread 'UC_MsgNr:5229,&UC_NAME|&uc_runnr'
: read &cmd,'00', 'UC_MsgNr:26000',,MCK
: read &uc_eventfile,'00', 'UC_MsgNr:26001',,MK
:endread
##UC4[bash]&UC_JOBMD CMD="echo '&cmd'" > ~/&uc_eventfile 2>&1
##UC4[bash]UC_STATUS=$?
&UC_JOBMD MNR=&UC_MANDANT JNR=&UC_REALNR PNR=&UC_IP_PORT IPA=&UC_IP_ADDR TYP=E RET=$UC_STATUS TXT=" Job beendet"
exit $UC_STATUS
This is then used as follows (whenever you need a decrypted password):
:SET &HND# = PREP_PROCESS("&MY_AGENT#", "PWDECRYPT",,"CMD=&I_CRYPTED_PASSWORD#", "UC_LOGIN=&MY_LOGIN#")
:PROCESS &HND#
: SET &MY_DECRYPTED_PASS# = GET_PROCESS_LINE(&HND#)
:ENDPROCESS
:CLOSE_PROCESS &HND#
Be careful with the variable &MY_DECRYPTED_PASS# when using it to build plattform script. For example, it can be seen in the JCL during runtime.
For different RA-Solutions I just found out, that you can simply use crypted passwords in some cases. In this case it is the Basic-Auth of REST-Agents (>= V4.5 only):
:PUT_ATT "conn_auth_basic_password" = "&MY_CRYPTED_PASSWORD#"
EDIT: the latter only works for passwords not crypted by the password crypt cmd-utility.
Hope this'll help someone out there.
Original Message:
Sent: 05-26-2016 04:08 PM
From: Michael Lowry
Subject: Another password challenge (&UC_JOBMD)
The SQL agent feature I would like to have is to be able to include an encrypted UC4 password in my SQL statements and have the agent automatically decrypt it at execution time and not display the decrypted form of the statement.
Ah, ok. I overlooked the fact that it was an SQL job. Yeah, it would be nice if there were a way to do this. One way to implement this would be a new type of script/object variable that is protected from view. It would make troubleshooting more difficult, but would open up many possibilities too.