Encrypted String

1575
5
Jump to solution
07-03-2012 08:46 AM
BrianMulcahy
New Contributor III
Is there way to pass encrypted string parameters as text?

I am using a python script that takes a username and password and I would like the password to be masked in the dialogue box but  if I do this that string is not usable later in my script when I use it as a parameter in a log in.

See smtpPwd Below

Tested the code and it works fine when Parameter 7 is not set as an encrypted string  but just as regular string.

sendto = gp.GetParameterAsText(0).split(";") fromaddr = gp.GetParameterAsText(1) subject = gp.GetParameterAsText(2) text = gp.GetParameterAsText(3) zipfile = gp.GetParameterAsText(4).replace("\\",os.sep) maxsize = int(gp.GetParameterAsText(5)) * 1000000 smtpUser = gp.GetParameterAsText(6) smtpPwd = gp.GetParameterAsText(7)  msg = MIMEMultipart('alternative') msg['From'] = fromaddr msg['To'] = COMMASPACE.join(sendto) msg['Date'] = formatdate(localtime=True) msg['Subject'] = subject  html = """<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <body style="font-size:12px;font-family:Verdana"><p>Please download the attachment and then import into ArcMap to view.</p></body></html>""" #attach the zip file HTML_BODY = MIMEText(html, 'html') msg.attach( HTML_BODY) part = MIMEBase('application', "zip")   # Change if different file type sent. part.set_payload( open(zipfile,"rb").read() ) email.encoders.encode_base64(part) part.add_header('Content-Disposition', 'attachment; filename="%s"' % os.path.basename(zipfile)) msg.attach(part)  #Sending Mail server = SMTP('blah') server.set_debuglevel(1) server.login(smtpUser,smtpPwd) server.sendmail(fromaddr, sendto, msg.as_string()) server.quit()
0 Kudos
1 Solution

Accepted Solutions
PF1
by
Occasional Contributor II
Is there any idea for a work around? I would like to give this tool to another employee but I do not want to see there password if I need to modify the script in the future.


I've used the getpass methods in a subprocess to ask the user for a password during execution time to get around this limitation.  See a similar thread here: http://forums.arcgis.com/threads/37576-Encrypting-a-password-parameter?p=260077#post260077

Best of luck!

View solution in original post

0 Kudos
5 Replies
KevinHibma
Esri Regular Contributor
Hello,

The encrypted string parameter you're using is meant for tools which except an encrypted password (like our Create ArcSDE connection tool).

We've been having internal discussions about this particular type of parameter, something like a "hidden string", where in the UI you'd only see the ****, but the tool would get the actual string somewhere in the code and deal with it (in your example, authenticating an STMP server).

To answer your question, we dont have anything that will do what you want (hide the password in the UI), but the use case you outline below is helpful as we evaluate a new parameter type for a future release. Thank you.
0 Kudos
BinChen1
New Contributor II
I got another issue regarding EncryptedString and like to post it here in this thread.

When I set a script parameter as EncrpytedString datatype, it works fine in desktop. However, when I publish the tool as a GPService, it does not work.
1) The parameter control in web browser is still clain text instead of masked text (****).
2) The value passed to the server is incorrect, the logged value of that parameter is ***** and not the actual value of the text.

Thanks,
- Bin
0 Kudos
BrianMulcahy
New Contributor III
Hello,

The encrypted string parameter you're using is meant for tools which except an encrypted password (like our Create ArcSDE connection tool).

We've been having internal discussions about this particular type of parameter, something like a "hidden string", where in the UI you'd only see the ****, but the tool would get the actual string somewhere in the code and deal with it (in your example, authenticating an STMP server).

To answer your question, we dont have anything that will do what you want (hide the password in the UI), but the use case you outline below is helpful as we evaluate a new parameter type for a future release. Thank you.


Is there any idea for a work around? I would like to give this tool to another employee but I do not want to see there password if I need to modify the script in the future.
0 Kudos
KevinHibma
Esri Regular Contributor
No, my apologies, I'm not aware of any workarounds to the GUI in terms of hiding their password.

Thinking out loud - you could have the script read from a textfile on their harddrive, and they place their password in there. Of course theres nothing secure about that....
0 Kudos
PF1
by
Occasional Contributor II
Is there any idea for a work around? I would like to give this tool to another employee but I do not want to see there password if I need to modify the script in the future.


I've used the getpass methods in a subprocess to ask the user for a password during execution time to get around this limitation.  See a similar thread here: http://forums.arcgis.com/threads/37576-Encrypting-a-password-parameter?p=260077#post260077

Best of luck!
0 Kudos