Class DelineaCredentialFactory
- All Implemented Interfaces:
ISecretProvider
CredentialFactory that reads its credentials from Delinea (formerly Thycotic) Secret Server.
To set up Delinea in the Framework, you need to set the following properties in credentialproperties.properties:
credentialFactory.class=org.frankframework.credentialprovider.delinea.DelineaCredentialFactory
credentialFactory.delinea.autoComment.value=Use this comment
credentialFactory.delinea.tenant=waf
credentialFactory.delinea.tld=eu
credentialFactory.delinea.oauth.username=username
credentialFactory.delinea.oauth.password=password
If you use these settings, the default URLs will be used with the given properties from the code block above:
- https://<tenant>.secretservercloud.<tld>/api/v1 which will translate to https://waf.secretservercloud.eu/api/v1 based on these settings
- https://<tenant>.secretservercloud.<tld>/oauth2/token which will translate to https://waf.secretservercloud.eu/oauth2/token based on these settings
Please note that using the credentialFactory.delinea.autoComment.value is optional. If not set, the feature to comment before getting a secret will
not be used. If set, this value will be used as a comment when getting the secret. See
Delinea API documentation for more information.
Ideally you'd use the above, but you can also use a different URL template, or specify the complete URL, by using one of the following properties
(e.g. use apiRootUrl or apiRootUrlTemplate, not both; the same applies to tokenUrl and tokenUrlTemplate):
# define a complete url
credentialFactory.delinea.apiRootUrl
credentialFactory.delinea.oauth.tokenUrl
# define a custom template (make sure to use %s twice for the tenant and tld placeholders)
credentialFactory.delinea.apiRootUrlTemplate=https://%s.secretservercloud.%s/api/v1
credentialFactory.delinea.oauth.tokenUrlTemplate=https://%s.secretservercloud.%s/oauth2/token
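The URL resolution rules above (defaults built from tenant and tld, a custom template, or a complete URL, never both) written as a pre-deployment check on the properties. This is an added example, not code from the framework; the class DelineaConfigCheck, its method names and the HTTPS-only requirement are assumptions of this example.

```java
import java.io.StringReader;
import java.net.URI;
import java.util.Properties;

// Added example: hypothetical pre-deployment check, not part of the framework.
public class DelineaConfigCheck {
    static final String PREFIX = "credentialFactory.delinea.";
    // Default templates as documented on this page.
    static final String DEFAULT_API = "https://%s.secretservercloud.%s/api/v1";
    static final String DEFAULT_TOKEN = "https://%s.secretservercloud.%s/oauth2/token";

    /** Resolves one endpoint from either a complete URL or a template, never both. */
    static String resolve(Properties p, String urlKey, String templateKey, String defaultTemplate) {
        String url = p.getProperty(PREFIX + urlKey);
        String template = p.getProperty(PREFIX + templateKey);
        if (url != null && template != null) {
            throw new IllegalArgumentException("Set " + urlKey + " or " + templateKey + ", not both");
        }
        if (url == null) {
            String t = template != null ? template : defaultTemplate;
            // The template must carry exactly two %s placeholders: tenant, then tld.
            if (t.split("%s", -1).length != 3) {
                throw new IllegalArgumentException(templateKey + " needs exactly two %s placeholders");
            }
            url = String.format(t, require(p, "tenant"), require(p, "tld"));
        }
        // Assumption of this check: the OAuth password and the secrets must only travel over TLS.
        if (!"https".equalsIgnoreCase(URI.create(url).getScheme())) {
            throw new IllegalArgumentException("Refusing non-HTTPS endpoint: " + url);
        }
        return url;
    }

    static String require(Properties p, String key) {
        String v = p.getProperty(PREFIX + key);
        if (v == null || v.isBlank()) throw new IllegalArgumentException("Missing " + PREFIX + key);
        return v.trim();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample mirroring the tenant and tld settings shown above.
        String sample = "credentialFactory.delinea.tenant=waf\ncredentialFactory.delinea.tld=eu\n";
        Properties p = new Properties();
        p.load(new StringReader(sample));
        System.out.println(resolve(p, "apiRootUrl", "apiRootUrlTemplate", DEFAULT_API));
        System.out.println(resolve(p, "oauth.tokenUrl", "oauth.tokenUrlTemplate", DEFAULT_TOKEN));
    }
}
```

With the sample settings it prints the two waf.secretservercloud.eu URLs listed above; setting both a complete URL and its template, or a plain http endpoint, fails the check.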
Delinea secrets are referenced by ID in an authAlias, because they are retrieved from the Secret Server by id. See the Get Secret API.
To use this CredentialFactory, you will have to set up a Delinea Secret Server within the Delinea Platform. In the documentation above we assume this is already done and that the username and password properties reference an active 'local user'.
Constructor Summary
Constructors -
Method Summary
| Modifier and Type | Method | Description |
|---|---|---|
| | getConfiguredAliases | return a list of all configured aliases, or null if such a list cannot be provided. |
| | getSecret(CredentialAlias alias) | |
| boolean | hasSecret(CredentialAlias alias) | |
| void | initialize() | initialize() of an implementation can throw an exception when the credentialFactory cannot be properly configured and used. |
-
Constructor Details
-
DelineaCredentialFactory
public DelineaCredentialFactory()
-
-
Method Details
-
initialize
public void initialize()
Description copied from interface: ISecretProvider
initialize() of an implementation can throw an exception when the credentialFactory cannot be properly configured and used.
- Specified by:
initialize in interface ISecretProvider
-
hasSecret
- Specified by:
hasSecret in interface ISecretProvider
-
getConfiguredAliases
Description copied from interface: ISecretProvider
return a list of all configured aliases, or null if such a list cannot be provided.
- Specified by:
getConfiguredAliases in interface ISecretProvider
-
getSecret
- Specified by:
getSecret in interface ISecretProvider
- Throws:
NoSuchElementException
-