Clarification on “CredentialStore” password management:
While retrieving the password stored in the credential store, using the “CredentialStoreAdmin tool”(using --showpw) i'm are getting unreadable/junk/encrypted(??) characters.
From the command **Usage**( CredentialStoreAdmin tool) below ; the --showpw option should return clear text.:
The CredentialStoreAdmin class is a command-line tool that provides complete access to the credential store backing file on the local machine.
common [required]:
help: Display help for the commands for this tool
add: Add a user account and password for a specified host to the credential store
list: List all host names and user accounts contained in the credential store; use with:-
--showpw: argument to display in cleartext
-h: argument to list user name and password for the host
remove: Remove the user account and password from the credential store for the specified account
clear: Clear all content from the credential store
What is being done? The below use case illustrates the requirement.
Use Case:
- Store the vCenter/ESX/ESXi server password locally using credential store.
- Use the password stored in the credential store for automatic logon.
- Pass the password stored to open session with vCenter/ESX/ESXi server.
Also tried the same using **credstore_admin.pl** (from VMware vSphere SDK for Perl).
Here the password returned with “get” option is readable.
VMware WEB SDK Used(JAVA): VMware-vSphere-SDK-5.5.0-1284541
VMware PERL SDK Used VMware-vSphere-Perl-SDK-5.5.0-1384587
Let me know if this is the expected behavior if not how to get the password in human readable form.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Found bug at line number 314 in CredentialStoreStorage.java file which is part of VMware SDK 5.5.
Need to use below line:
return (new String(DatatypeConverter.parseHexBinary((cacheData.get(key)))).toCharArray());
Instead of below line:
return DatatypeConverter.parseHexBinary(cacheData.get(key)).toString().toCharArray();
Reason for getting incorrect value from second return is the “toString()” method; which returns by default address of that string
(If it is not over written in a class) that has been converted to char array and send it back to “getPassword” function that
causes printing junk char as password output.
Whereas “new String” method returns content of string because of that in first return we will get correct string that has
been converted to char array and send it back to “getPassword” function where it will be printed as correct password (in cleartext).
*** But still after this change code is working for Windows system but it is not getting correct password on Linux system.
Please let me know what am I missing in this ???
