FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Avoid exposing of User Name and Password in Synthetic Monitor for SOAP Requests

Go to solution
PraveenYendluri
Frequent Guest

‎01 Feb 2024 07:30 PM - last edited on ‎07 Mar 2024 08:31 AM by Community Team

We want to avoid exposing (or protecting ) user name and password in our synthetic monitor HTTP Requests.

Labels:
Reply
3 REPLIES 3

Go to solution
dannemca
DynaMight Guru
DynaMight Guru

‎01 Feb 2024 08:16 PM

You should use the Credential Vaults then: https://docs.dynatrace.com/docs/platform-modules/digital-experience/synthetic-monitoring/general-inf...

 

Site Reliability Engineer @ Kyndryl
Reply

Go to solution
PraveenYendluri
Frequent Guest
In response to dannemca

‎02 Feb 2024 03:09 PM

Thank you very much !!

Continue to the above question: how to use/add/populate the user name and password into my SOAP Header Security Tag from Vault (may be from Azure Key Vault). Example of my SOAP Header with Security Tag

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:oas="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:soap="http://www.XYZ.com/Services/SOAPHeaders" xmlns:req="http://info.XYZ.com/Services/add/Operational/Messages/Request">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-24" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>MYUSERNAME</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
MYPASSWORD
</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"/>
</wsse:UsernameToken>
</wsse:Security>

 

0 Kudos
Reply

Go to solution
dannemca
DynaMight Guru
DynaMight Guru
In response to PraveenYendluri

‎02 Feb 2024 03:42 PM - edited ‎02 Feb 2024 03:45 PM

You should use the native Credential Vault from Dynatrace to use them into your synthetics.

Then you can replace the code with your vault like this:

 

<wsse:Username>'{CREDENTIALS_VAULT-ID|username}'</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
'{CREDENTIALS_VAULT-ID|password}'
</wsse:Password>

 

Site Reliability Engineer @ Kyndryl
Reply
Ask a question

Featured Posts