Webservice Password

Topics: Bindings File, Settings Management and SSO, IIS and Web Services
Oct 6, 2011 at 4:13 PM

 

I am fairly new to Biztalk and newer still to the BTDF, so if I missed documentation or some example somewhere, please point me in the right direction.

I have a Orchestration that uses a WCF-Custom port.  This port connects to a webservice and authenticates the caller, via a username and password that are stored under the Configure->Credentials tab (Do not use single sign-On).  This web service stored confidential information

How would I get the user to enter the password during the MSI install?

I am aware that we could use the SettingsFileGenerator.xml, but we would prefer not to have the passwords on developer machines, then on the sever when the MSI is extracted (under the Deployment\EnvironmentSettings folder).

Cyrus

Coordinator
Oct 6, 2011 at 4:44 PM

Hi Cyrus,

So the password for the webservice sits in your bindings XML file, correct?  In the typical process, the bindings file will need to be updated with the password before it is imported into BizTalk.  However, that will still leave a file on disk that contains the password in plain text.  If that simply cannot happen, then you would have to try to update the port configuration through custom code, possibly through WMI.  I'm not sure offhand what would be required to do that, but you could package something into an MSBuild task which could then be called from your deployment script.

Assuming that you could live with the bindings file containing the password, you can edit the InstallWizard.xml in your deployment project to add another SetEnvUIConfigItem element.  That will create another page in the wizard that appears during a server install, and capture the user-entered value into an environment variable.  That environment variable is visible to XmlPreprocess, which merges config settings into the bindings file, using the syntax ${_env_MYENVVAR}.  In your bindings file you could replace the password value with that token (see the BasicMasterBindings or other samples for the full replacement syntax and associated .btdfproj properties).  Note that there's usually a vt="" attribute on the password element, and it would need to be vt="8" to support a plain-text password string.

Hopefully that helps get you started.

Thanks,
Tom

Oct 6, 2011 at 8:13 PM

I am following the process up until the password value gets captured into the environment variable.

I have added the SetEnvUIConfigItem to the InstallWizard.xml.  I gave the EnvironmentVarName element the value of token in the PortBindingsMaster file, but the resulting PortBindings.xml (which i assume is created when the XmlPreprocess merges the PortBindingsMaster and the exported settings file choosen during the install) does not get populated with the value entered in as the password :(.  I tried both syntaxes in the InstallWizard.Xml (both <EnvironmentVarName>MYENVVAR</EnvironmentVarName> and <EnvironmentVarName>${MYENVVAR}</EnvironmentVarName>).   (I assume the _evn_  prefix was not important)

As a side note, an entry in SettingsFileGenerator.xml was required (XMLPreprocess failed without it).  When I left settings entry blank, the portbindings file was empty.  Wen i filled it out, the value was processed and placed in the port bindings file.  So I know the XMLPreprocess is working correctly, in the normal case.  I just can figue out how to make the value entered in the wizard be picked up by the XMLPreprocess and placed in the resulting PortBindings file.

Cyrus

 

Coordinator
Oct 6, 2011 at 9:52 PM
Edited Oct 6, 2011 at 9:53 PM

The _env_ prefix is required in the token.  When you use an environment variable that will only be populated by the wizard on a server deployment, then you need to do something to make your Visual Studio-based deploys work too.  That's the downside of this approach -- you need to set the environment variable when $(Configuration) is not 'Server' (which means you're on a server running the wizard).  You can do that selectively with the Condition attribute in MSBuild.  You'd need a custom task to set the env variable.  Try <Target Name="CustomPostInitialize"><Microsoft.Sdc.Tasks.SetEnvironmentVariable Variable="MYENVVAR" Value="MyPassword" Condition="'$(Configuration)' != 'Server'" /></Target>.

Thanks,
Tom

Oct 7, 2011 at 5:29 PM

Awesome I got it working - here are the steps I followed.  It required some slight changes to what you mentioned.

- added an entry into the SettingsFileGenerator, the entry in the settings colum was "_env_MYENVVAR".  This was necessary, because the xmlpreprocesssor gave me errors when this was not present.

- I did not modify the btdfproj file to set the value of my environment variable (if I want to it have a default value I can do it through the settings generator file).  Though i did modify it to delete the PortBindingsFile that is created. I add this target before the project ending tag.

  <Target Name="DeletePortBindings" AfterTargets="Deploy" >
    <Delete Files=".\PortBindings.xml" TreatErrorsAsWarnings="false" />
  </Target> 

- Modifed the InstallWizard.  Added SetEnvUIConfigItem the EnvironmentVarName elements value is "MYENVVAR".

- In PortBindingsMaster I referenced like normal "${_env_MYENVVAR}". 

 Notes on the Password tag inside of the TransportTypeData - As Tom already mentioned  a vt="8" is requried.  For the WCF Custom adapter, the position of the tag was also important.  It had to come after IsolationLevel, or the Import to the BizTalk admin console failed with malformed xml error.  Here is the complete value, "&lt;Password vt="8"&gt;${_env_MYENVVAR}&lt;/Password&gt;"

Tom thanks for all the help, the team here is loving the BTDF and I will mention your name in the next update meeting.  The tool is great and better than what I envisioned was possible, it marries a lot of different useful techinques.

 

Thanks,

Cyrus