Versions Compared

Old Version 20

changes.mady.by.user Caleb Miller

Saved on

compared with

New Version Current

changes.mady.by.user Caleb Miller

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Function

Credentials Manager is an Apica ZebraTester plugin that extends the functionality of secure storage and retrieval of credentials or passwords using Apica’s ASM API.

...

Installing the Credentials Manager Plugin

Step

Information

1. Mandatory: Create an Entry (a new custom dictionary)

First, create the encrypted credentials entry into Apica’s ASM API by running the jar version of the plugin from a command line to open GUI.

Code Block
java -jar CredentialsManager2UtilityTool_vXX.jar

Key:Value pair(s) will be created as a result.

Note

Up to 50 key:value pairs can be used for a single dictionary_key as long as the value doesn’t exceed 1000 characters. Credentials Manager 2 also supports long values over 1000 characters (e.g., private keys or certs) but will reduce the number of keys:value pairs that can be stored to around 5 entries.

2. Add the Credentials Manager plugin into ZebraTester

By adding the .class as a plugin to your ZebraTester Script and then passing in the ASM_API_Url, ASM_API_AuthTicket, dictionary_key, shared_secret, and key as an index parameter, you can fetch the encrypted value, which the plugin will decrypt at execution rather than having that value hard-coded into the script as plaintext.

...

Input Parameter

Number

Name

Mandatory?

Assign From

1

Apica ASM API URL 

Yes

variable

2

Apica ASM API Auth Ticket 

Yes

variable

3

Dictionary Key 

Yes

variable

4

Shared Secret Key 

Yes

variable

5

Key (of value) 

Yes

variable

6

Proxy settings (if applicable)

No

variable

Output Parameter

Number

Name

Mandatory?

Extract To

1

Value (of Key)

Yes

[variable]

...

CredentialsManager2UtilityTool_vXX.jar (Used from the GUI)

Function

Set-up Instructions

Encrypt key/value pairs like Username and Password

Image Removed

  • A successful execution of this will result in Created

  • To verify it would be using the API command with the above username as the dictionary_key as an example:

  • https://api-wpmasm1.apicasystemapica.comio/v3/scenarios/proxysniffer/dictionaries/SampleKey?auth_ticket=[authticket]

    • It would return the json entry of the encrypted value(s) for the key, SampleKey

Update key/value pairs like Username and Password

Overwrite key/value pairs like Username and Password

Decrypt/Retrieve keys like Password

...

Note that Apica ASM API Url ( https://api-wpmasm1.apicasystemapica.comio) is the base URL only (no path like v3/scenarios/proxysniffer/dictionaries/)

...