How to Add a New Salesforce Password Manager
CopyStorm supports reading Salesforce credentials from a user-supplied Salesforce password manager.
This feature was introduced when a customer had strict rules on password changes for service accounts in Salesforce and did not want to:
- Change the saved password in many CopyStorm configuration files.
- Provide the password to CopyStorm on the command line due to security rules.
Since this customer used their own company-wide password manager, an extension was added to CopyStorm to allow them to retrieve password information directly from their password manager instead of from CopyStorm configuration files or the command line.
This article describes how to add a new custom password manager to CopyStorm.
The process to add a new Salesforce password manager to CopyStorm is to:
- Write a Java class that extends the class com.aslan.sfdc.connect.credentials.AbstractSalesforceUserPasswordCredentials.
- Package the new Java class in a jar and place it in the “lib” subdirectory of the CopyStorm installation.
- Add a new CredentialsRegistry.xml file to CopyStorm’s config directory to register the new credential manager with CopyStorm.
Writing the Java Class
The Java class needs to extend com.aslan.sfdc.connect.credentials.AbstractSalesforceUserPasswordCredentials, and will need to override/implement the following methods:
|String getUsername()||Yes||Returns the username used when authenticating with Salesforce.|
|String getPassword()||Yes||Returns the password used when authenticating with Salesforce.|
|String getSecurityToken()||Yes||Returns the security token used when authenticating with Salesforce.|
|int injectIntoUI(JPanel panel, int startRow)||No||Adds any UI elements needed by the password manager to the CopyStorm UI.|
|boolean isAvailable()||No||Returns true if the password manager should appear as an option in the UI.|
|void saveState(Element e, boolean savePasswords)||Yes||Adds XML attributes to the provided Element to save any information needed to restore system state. This information is saved to CopyStorm’s configuration file.|
|void restoreState(Element e)||Yes||Restore XML state saved via saveState()|
|String getFingerprint()||Yes||Returns a value used to determine whether or not credentials have changed. This is used to determine whether or not a cached session may be used when connecting with Salesforce.|
|boolean isComplete()||Yes||Returns true when information provided by the user is enough to attempt a connection to Salesforce.|
|void clear()||Yes||Clears out any internal state kept by the password manager.|
In addition to the required methods above, there are several convenience methods which may be used by credential managers:
|void fireCredentialsComplete(boolean complete)||Enables or disables the “Test Salesforce Connection” button.|
|void addRowToUI(String label, String toltip, JComponent editor, JPanel panel, int row||Adds a new editor to the UI.
This method can be used in the injectIntoUI() method to maintain consistent styling with the rest of the CopyStorm UI.
|String encrypt(String text)||Encrypts text.
This method can be used in the saveState() function to avoid implementing a custom encryption scheme to support encrypting saved passwords.
|String decrypt(String encryptedText)||Decrypts text encrypted with encrypt().
This method can be used in the restoreState() function to avoid implementing a custom encryption scheme.
|void saveXMLAttribute(Element e, String key, String value)||Adds a new attribute to an XML element.
This method can be used in the saveState() function to avoid interacting with the Element directly.
|String loadXMLAttribute(Element e, String key)||Retrieves an attribute to an XML element
This method can be used in the restoreState() function to avoid interacting with the Element directly.
Adding the New Password Manager to CopyStorm
CopyStorm discovers all available Salesforce Password Managers by looking for a file named “CredentialsRegistry.xml” in the CopyStorm config directory.
The following CredentialsRegistry.xml file will load a new password manager named “Keyring”:
<Credentials> <CredentialType family="Salesforce" name="Keyring" class="com.mycompany.copystorm.credentials.KeyringSalesforceCredentials" /> </Credentials>
Example Credential Manager: Keepass
Click Here to view the Java source of Capstorm’s built-in Keepass Salesforce password manager.