Secure SUT Connection Credentials
Eggplant Functional can use your computer's OS-specific credential management tool to store credentials used for connecting to SUTs. Storing this information in a secure location means you can prevent password details or API keys from appearing in the EPF Script Editor and Run Window output panes, and log files, among other security benefits.
Secure connection passwords are new in Eggplant Functional 21.2
Eggplant Functional stores secret information, or VaultValues, in a "vault," or location of your system keyring. The credential management tool is different based on your operating system:
- Keychain on Mac
- Credential Manager on Windows
Secure credentials are not supported on Linux
Several different types of values are stored:
- Passwords
- Sauce Labs API Keys
See Commands for Secure Values for the SenseTalk commands to use with this feature.
Migrating Passwords
To save your passwords to your system:
- Open Connection Preferences.
- Under Security, select the Store connection passwords checkbox. Note that the label for this checkbox will specify the appropriate credential management tool for your computer's OS.
Confirm that Passwords are Secured
When passwords are not stored in the credential management tool, they appear in an encrypted form in the Pass_code property from the ConnectionInfo functions, e.g.:
{Availability:"Unknown", Bonjour:"False", ColorDepth:0, Connected:"False",
Name:"MY-RDP-SUT", Pass_code:"U1S.@Y;>Z%$", PortNum:3389,
Reverse:"False", ServerID:"12.34.56.78", Status:"Not Connected",
Type:"RDP", username:"MyUser", Visible:"False"}
When passwords are stored securely in the credential management tool, the Pass_code property should be absent from the results of ConnectionInfo functions. Instead, you'll see a connectionID property, e.g.:
{Availability:"Unknown", Bonjour:"False", ColorDepth:0, Connected:"False",
Name:"MY-RDP-SUT", PortNum:3389,
Reverse:"False", ServerID:"12.34.56.78", Status:"Not Connected",
Type:"RDP", username:"MyUser", Visible:"False",
connectionID:"18724D60-3ED0-480C-96A5-BADEF15F267A"}
Removing Passwords from the Credential Management Tool
In some cases, you might need to remove your passwords from the credential management tool. For example, if you need to switch back and forth between Eggplant Functional 21.2 or later and a pre-21.2 version of Eggplant Functional and migrated your passwords. Also, you might need to disable this option if you have a script that depends on the pass_code from ConnectionInfo() and migrated your passwords without understanding the impact.
To remove your passwords from the credential management tool:
- Open Eggplant Functional Connection Preferences.
- Under Security, clear the Store connection passwords checkbox. Note that the label for this checkbox will specify the appropriate credential management tool for your computer's OS.
Viewing Connection Information in the Credential Management Tool
On all platforms, the connection entry in Eggplant Functional can be correlated with an entry in the credential management tool using the connectionID connection property.
Windows
- From the Start menu, click the search icon.
- Type "Credential Manager" and launch the application.
- Select "Windows Credentials".
- All Eggplant Functional connection passwords are prefixed with
"com.eggplantsoftware.epf-"and followed by the connectionID. - Expand entries to confirm that the "User name" also contains the connectionID.
macOS
- Open the Keychain Access application.
- Select the login keychain.
- Select the Passwords category.
- Type "EPF" in the filter text box at the top right to show only Eggplant Functional connection password entries.
- Select an entry to see the connectionID listed under the "Account". Double-click the entry for more details.