topic Re: Encrypted String in Geoprocessing Questions

Encrypted String

BrianMulcahy — Tue, 03 Jul 2012 15:46:58 GMT

Is there way to pass encrypted string parameters as text?

I am using a python script that takes a username and password and I would like the password to be masked in the dialogue box but if I do this that string is not usable later in my script when I use it as a parameter in a log in.

See smtpPwd Below

Tested the code and it works fine when Parameter 7 is not set as an encrypted string but just as regular string.

sendto = gp.GetParameterAsText(0).split(";") fromaddr = gp.GetParameterAsText(1) subject = gp.GetParameterAsText(2) text = gp.GetParameterAsText(3) zipfile = gp.GetParameterAsText(4).replace("\\",os.sep) maxsize = int(gp.GetParameterAsText(5)) * 1000000 smtpUser = gp.GetParameterAsText(6) smtpPwd = gp.GetParameterAsText(7)  msg = MIMEMultipart('alternative') msg['From'] = fromaddr msg['To'] = COMMASPACE.join(sendto) msg['Date'] = formatdate(localtime=True) msg['Subject'] = subject  html = """<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <body style="font-size:12px;font-family:Verdana"><p>Please download the attachment and then import into ArcMap to view.</p></body></html>""" #attach the zip file HTML_BODY = MIMEText(html, 'html') msg.attach( HTML_BODY) part = MIMEBase('application', "zip")   # Change if different file type sent. part.set_payload( open(zipfile,"rb").read() ) email.encoders.encode_base64(part) part.add_header('Content-Disposition', 'attachment; filename="%s"' % os.path.basename(zipfile)) msg.attach(part)  #Sending Mail server = SMTP('blah') server.set_debuglevel(1) server.login(smtpUser,smtpPwd) server.sendmail(fromaddr, sendto, msg.as_string()) server.quit()

Re: Encrypted String

KevinHibma — Tue, 03 Jul 2012 22:49:33 GMT

Hello,

The encrypted string parameter you're using is meant for tools which except an encrypted password (like our Create ArcSDE connection tool).

We've been having internal discussions about this particular type of parameter, something like a "hidden string", where in the UI you'd only see the ****, but the tool would get the actual string somewhere in the code and deal with it (in your example, authenticating an STMP server).

To answer your question, we dont have anything that will do what you want (hide the password in the UI), but the use case you outline below is helpful as we evaluate a new parameter type for a future release. Thank you.

Re: Encrypted String

BinChen1 — Wed, 04 Jul 2012 16:47:29 GMT

I got another issue regarding EncryptedString and like to post it here in this thread.

When I set a script parameter as EncrpytedString datatype, it works fine in desktop. However, when I publish the tool as a GPService, it does not work.
1) The parameter control in web browser is still clain text instead of masked text (****).
2) The value passed to the server is incorrect, the logged value of that parameter is ***** and not the actual value of the text.

Thanks,
- Bin

Re: Encrypted String

BrianMulcahy — Sun, 08 Jul 2012 18:41:47 GMT

Hello,

The encrypted string parameter you're using is meant for tools which except an encrypted password (like our Create ArcSDE connection tool).

We've been having internal discussions about this particular type of parameter, something like a "hidden string", where in the UI you'd only see the ****, but the tool would get the actual string somewhere in the code and deal with it (in your example, authenticating an STMP server).

To answer your question, we dont have anything that will do what you want (hide the password in the UI), but the use case you outline below is helpful as we evaluate a new parameter type for a future release. Thank you.

Is there any idea for a work around? I would like to give this tool to another employee but I do not want to see there password if I need to modify the script in the future.

Re: Encrypted String

KevinHibma — Mon, 09 Jul 2012 18:17:13 GMT

No, my apologies, I'm not aware of any workarounds to the GUI in terms of hiding their password.

Thinking out loud - you could have the script read from a textfile on their harddrive, and they place their password in there. Of course theres nothing secure about that....

Re: Encrypted String

PF1 — Mon, 31 Dec 2012 16:54:34 GMT

Is there any idea for a work around? I would like to give this tool to another employee but I do not want to see there password if I need to modify the script in the future.

I've used the getpass methods in a subprocess to ask the user for a password during execution time to get around this limitation. See a similar thread here: http://forums.arcgis.com/threads/37576-Encrypting-a-password-parameter?p=260077#post260077

Best of luck!