CopyStorm supports reading Salesforce credentials from a user-supplied Salesforce password manager.
This feature was introduced when a customer had strict rules on password changes for service accounts in Salesforce and did not want to:
- Change the saved password in many CopyStorm configuration files.
- Provide the password to CopyStorm on the command line due to security rules.
Since this customer used their own company-wide password manager, an extension was added to CopyStorm to allow them to retrieve password information directly from their password manager instead of from CopyStorm configuration files or the command line.
This article describes how to add a new custom password manager to CopyStorm.
The process to add a new Salesforce password manager to CopyStorm is to:
- Write a Java class that extends the class com.aslan.sfdc.connect.credentials.AbstractSalesforceUserPasswordCredentials.
- Package the new Java class in a jar and place it in the “lib” subdirectory of the CopyStorm installation.
- Add a new CredentialsRegistry.xml file to CopyStorm’s config directory to register the new credential manager with CopyStorm.
The Java class needs to extend com.aslan.sfdc.connect.credentials.AbstractSalesforceUserPasswordCredentials, and will need to override/implement the following methods:
In addition to the required methods above, there are several convenience methods which may be used by credential managers:
CopyStorm discovers all available Salesforce Password Managers by looking for a file named “CredentialsRegistry.xml” in the CopyStorm config directory.
The following CredentialsRegistry.xml file will load a new password manager named “Keyring”:
Click Here to view the Java source of Capstorm’s built-in Keepass Salesforce password manager.