Eclipse-secure storage vault
Username is stored in the database and password is stored in the Eclipse secure storage vault, when you are using the username and password authentication for message flows.
Password is stored as key and value pair in the Eclipse secure storage vault. The key is formed with the data source ID and username, and the value of the key is its password. This feature eliminates the security risk where the message flow is used to store the password in plain text format.
The username is stored in the message flow and password is stored in the Eclipse secure storage vault, when the new data source is mapped to a Client Item and added to a manufacturing node, for example, OPC-UA-Input node.
After the data source is created by using self-signed SSL certificate, the credentials are
stored in the Eclipse secure storage vault in the datasourceId/acmfgPrivateKeyUser
format.
You can see the stored the password in Eclipse by navigating to .
- If you delete the secure storage vault, all the key-value pair mapping gets automatically deleted from the secure storage file.
- Old message flows in which data source is created with username and password, do not work with this implementation. You need to re-update the data source, remap the client items, and add to the node.
- You must manually set the password on runtime by using the mqsisetdbparms command or by creating a secured vault.