If you need to store passwords in AX there are some application objects,
classes and attributes that you can use. This post details the steps you can
take to allow entry of a password in a form, which will be stored in the
database.
1. Add the password field to your table. This field should be of type
‘CryptoBlob’ which is a container that contains binary data:
2. Add an edit method for the password to your table:
02 |
edit Password
editPassword(boolean _set = false, Password _pwd = '')
|
04 |
CryptoBlob cryptoBlob = connull();
|
09 |
this.Password =
WinapiServer::cryptProtectData(str2cryptoblob(_pwd));
|
12 |
return (this.Password == connull())
? '' :
'xxxxxxxx';
|
3. Drag and drop the edit method to your form and ensure that the attribute
‘PasswordStyle’ is set to ‘Yes’:
4. To retrieve the password you will need a method similar to the
following:
1 |
static Password getPassword(UserId _userId)
|
3 |
CryptoBlob cryptoBlob =
TutorialPasswordTable::find(_userId).Password;
|
6 |
return (cryptoBlob ==
connull()) ? '' : |
7 |
cryptoblob2str(WinapiServer::cryptUnProtectData(cryptoBlob));
|
DisclaimerThe safest way to handle passwords is not to store them
in the database. The steps described in this post are better than storing the
password in the database as plain text, but far from bulletproof. Please ensure
that AX security is fully considered if using this method (Table level security,
access to code / development etc)
You can download the tutorial as an xpo
here
from axaptapedia
No comments:
Post a Comment