1
0
-1

I would like to make a secure REST call to our internal system from TM. Then I need to upload our keystore to TM and it can be loaded by Groovy, but seem no way I can't find a way to do it. Pls help if any recommended, thanks. 

    CommentAdd your comment...

    2 answers

    1.  
      1
      0
      -1

      Hi Alex,

      One method could be to use a Transact SSO Security Manager instance to hold the keystore for you. SSO Security Managers allow you to configure certificates, keystores and the security credentials that may be required to access these.

      See the 'Security Managers' option located under the 'Security' menu:

      The advantage of this approach is that there is built in functionality to manage keystore passwords and certificate alias etc.

      Security Manager definitions can be accessed via Groovy script as follows:

      Example
      import com.avoka.fc.core.dao.DaoFactory
      import com.avoka.fc.core.entity.SecurityManager
      
      
      // load security credentials
      SecurityManager manager = DaoFactory.getSecurityManagerDao().getSecurityManagerForName(securityMgrName)
      byte[] ssoKeystoreData = manager.getSsoKeystoreData()
      String ssoKeystorePassword = manager.getSsoKeystorePassword()
      byte[] ssoValidatorCertData = manager.getSsoValidatorCertData()


      An alternative could be to use Form Space or Organisation properties (data type: image, data type: password) to achieve something similar.

      Hope this helps,

      Matthew

      1. Alex Lam

        Hi Matthew, 

        I would like to ask which instance will store the keystore which I uploaded, in TM itself? or KMS of AWS, or any other place else? Thanks. 

      CommentAdd your comment...
    2.  
      1
      0
      -1

      Hi Matthew,

      Thanks so much. I take your approach to make use of Security Manager to hold the keystore. It's work. =)

        CommentAdd your comment...