Skip navigation

Allow Password Masking via BAO REST Adapter

score 210
You have not voted. Product Team Review

We are facing a common community issue with the BAO REST Adapter, which is outlined here:  https://communities.bmc.com/thread/182837?start=0&tstart=0

 

We would like to be able to use secure variables, but it returns an error unless we pass it unsecured. This forces us to pass information as plaintext, which does not meet our organization's security requirements.

 

We logged Case 00590206 for further investigation, and our assigned analyst confirmed that AutoPilot-AD-Utilities:REST:Post only handles a secure body, not a secure header. Please see the full reply below:

 

You can skip this step by modifying the workflow, but that still inserts the XML into the JSON. The adapter does not know how to handle XML in the middle of what it expects to be a JSON string and it fails with a different error. We may be able to work around this by removing the headers section from the final transform entirely, putting it in a separate transform, and concatenating the information so the result is a secure XML we can add back into the adapter request, but that is a significant change and I don't know how that modified workflow would handle other inputs.

 

This enhancement would provide a mechanism for us to be able to secure both the body & header data using the REST adapter.

 

Thank you for your consideration!

Comments

Vote history