The XA open string required to connect to a database instance might contain sensitive information. When it does, you can hide that sensitive information using the Micro Focus Vault Facility, which enables the storage of data in a secure external source. You can use the vault facility to securely hide entire open strings, or pieces of an open string.
We provide the ESXAEXTCFG.CBL COBOL program and writeSecrets.bat batch file to use with the vault facility and RM switch modules to obfuscate XA open strings. These files are located by default in the \src\enterpriseserver\xa directory.
The steps required are as follows:
WriteSecrets.bat runs a series of mfsecretsadmin commands that populate the vault. For more information, see The mfsecretsadmin Utility .
./build ext
This generates the ESXAEXTCFG.so switch module.
The ESXAEXTCFG.CBL file contains examples for common usage scenarios such as storing the entire XA string in the vault, storing only the password, or storing a combination of the user ID and password. It also documents return code values on entry and on exit, the initial name/value pair table used on entry, and the use of placeholders.
For replacing pieces of the open string with data from the vault, use placeholders to identify the data to be replaced. For example, within the open string, use &PWD& as the placeholder for a password, or &NAME& as a placeholder elsewhere in the open string, where the text between ampersands (&) matches the text in the name/value pair table. Examples of both XA open strings and corresponding configurations have been provided in the ESXAEXTCFG COBOL program.