cancel
Showing results for 
Search instead for 
Did you mean: 

Is there any encryption method available for credentials(UID/PWD) not to show in ReadyAPI Tests

ramaG
Contributor

Is there any encryption method available for credentials(UID/PWD) not to show in ReadyAPI Tests

Hello, 

1. Is there any encryption method available for credentials(UID/PWD) not to show in ReadyAPI Tests ?

 

2. Also, how can we store credentials securily when running ReadyAPI Test cases in Jenkins.(CI/CD)?

 

For Ex: We have a service with Basic auth SOAP service. We do not want the credentials(UID/PWD) to show in clear text in the project xml.(currently the Project xml shows the credentials in clear text)

 

Appreciate any help.

Thank you!

 

 

5 REPLIES 5
nmrao
Community Hero

Re: Is there any encryption method available for credentials(UID/PWD) not to show in ReadyAPI Tests

Not sure about encryption.
Where (in which step) are you using credentials? In request? In custom properties?
How do you execute the tests ? command line or from UI?

You can use custom properties (if not already) and pass the actual values from command line or from a property fie.
Refer
https://www.soapui.org/docs/scripting-and-properties/working-with-properties/
https://www.soapui.org/docs/scripting-and-properties/property-expansion/?sbsearch=Property%20Expansi...


Regards,
Rao.
ramaG
Contributor

Re: Is there any encryption method available for credentials(UID/PWD) not to show in ReadyAPI Tests

Thanks for the reply.

 

These credentials are for Basic Authorization userID and Password to access the service.

 

We execute from UI and command line. Also these need to be executed in Jenkins pipe line too.

 

Currently the SOAP XML shows credentials in clear text. For security purpose we don't want authorization credentials to show in the xml. 

In the automation,  Can we store and pass these credentials while running the tests.

We are looking if there is any feature to encrypt these UserID/password in our automation.

 

Thanks!

 

nmrao
Community Hero

Re: Is there any encryption method available for credentials(UID/PWD) not to show in ReadyAPI Tests

Not sure if you have gone thru the details.
Use property file to load the data and keep it with the respected user only. When you test it, load the properties and use.

For jenkins, you may created a separate user for the same if possible.
I believe that there is no encryption to save password. Just the tool will mask the password field, and shows in xml at the moment.


Regards,
Rao.
richie
Community Hero

Re: Is there any encryption method available for credentials(UID/PWD) not to show in ReadyAPI Tests

Hey @ramaG,

Have a look at the following and see if this helps out.

https://support.smartbear.com/readyapi/docs/testing/best-practices/secure.html

Ta

Rich.
if this helped answer the post, could you please mark it as 'solved'? Also if you consider whether the title of your post is relevant? Perhaps if the post is solved, it might make sense to update the Subject header field of the post to something more descriptive? This will help people when searching for problems. Ta
ramaG
Contributor

Re: Is there any encryption method available for credentials(UID/PWD) not to show in ReadyAPI Tests

Thanks for the replies.

 

1. We have used Encryption at Selected properties . We tried encrypting user and password. It does encrypt  in ReadyAPI UI . 

After saving the Composite project we checked the XML, it still shows Password in clear text in the xml.

 

2. We tried encrypting entire project the password is not shown in the XML. But The project shows as 'E' encrypted mode. It is not Composite project any more. 

So we can't have Encrypted projected work with GitHub. 

Is there any option to put encrypted project in the github?

Does encrypted project work in docker container?

 

 

If anyone has any idea , please let me know.

 

Thanks!

New Here?
Join us and watch the welcome video:
Announcements
Top Kudoed Authors