How can you protect production passwords?

Question

How can you protect production passwords, which can easily be seen by tContextDump?

 

Talend Studio is primarily a development and testing environment. Developers should be given only contextual information related to the development and testing environment; they should not have access to production passwords.

 

It is OK if a developer tries to print test/dev passwords; production remains secure. However, a developer could still add malicious code to a Job to reveal a production password, or send email to somebody from within a Studio Job.

 

Answer

This type of code tampering can be prevented using a code review. When a Job has been tested, reviewed, and is ready to be deployed, a qualified individual can set up the contextual information as parameters in Talend Administration Center (TAC), which is password restricted.

Version history
Revision #:
8 of 8
Last update:
‎04-04-2019 01:29 AM
Updated by: