BookmarkSubscribeRSS Feed
shashikalachiluka
Calcite | Level 5

Hi There,

    Is there a way to shield SQL userid and Pwd from being displayed in the SAS program. I know we could pass in the usrid and pwd from command prompt while executing, Is there any other way to retrieve this info from a specified location.

Thank you all for the inputs..

Shashikala Chiluka

6 REPLIES 6
tish
Calcite | Level 5

I've done this in the past when passing passwords through to a data warehouse. I set up a macro library file in my personal space on a secure server. That file had one macro, with just the command to send in the password. In my main program I point to the macro library. When I run PROC SQL, I invoke my password macro. So long as MPRINT is not on, the passwords are not displayed.

This also works in the situation where more than one person might run a program, but they need to sign on to the remote server separately. They each have an identically named little macro library with the identically named macro which all issue the specific userid and pwd.

Hope this helps.

shashikalachiluka
Calcite | Level 5

Hi Tish,

    Thanks for the reply. This definitely helps...

Regards,

Shashikala Chiluka

Doc_Duke
Rhodochrosite | Level 12

I've never thought that PWENCODE had any advantage over Tish's approach (which I also use).  With PWENCODE, you still have to protect the file with the encoded PW in it.  I use the protected file approach to include the entire libname or connect statement.

Doc Muhlbaier

Duke

Quentin
Super User

I think there may be some small benefits to PWENCODE (in addition to Tish's method).  In an environment where you share code, people sometimes try to share secret passwords in an encrypted compiled macro like:

%macro password();

options nomprint;

MySecretPassword

options mprint;

%mend;

Which usually keeps things secret until someone curious tries:

%put %bquote(%password() );

I guess the real benefit of adding PWENCODE is that if source code for the macro is revealed, you don't see the actual password (useful to anyone who might want to misuse it for any application), you see the encoded password (useful only to SAS programmers).  I suppose could also help someone meet a strict corporate rule not to store clear-text passwords anywhere.

BASUG is hosting free webinars Next up: Jane Eslinger presenting PROC REPORT and the ODS EXCEL destination on Mar 27 at noon ET. Register now at the Boston Area SAS Users Group event page: https://www.basug.org/events.
SASKiwi
PROC Star

I'd be interested in knowing what database the userid and password needs to be shielded for. If you are lucky enough to be in an entirely Windows environment and your databases can handle Windows authentification, for example SQL Server and SAS data, then you don't need to supply a userid or password at all and rely on the userid/password of the Windows account the SAS job is being run from Smiley Happy.

sas-innovate-2024.png

Join us for SAS Innovate April 16-19 at the Aria in Las Vegas. Bring the team and save big with our group pricing for a limited time only.

Pre-conference courses and tutorials are filling up fast and are always a sellout. Register today to reserve your seat.

 

Register now!

What is Bayesian Analysis?

Learn the difference between classical and Bayesian statistical approaches and see a few PROC examples to perform Bayesian analysis in this video.

Find more tutorials on the SAS Users YouTube channel.

Click image to register for webinarClick image to register for webinar

Classroom Training Available!

Select SAS Training centers are offering in-person courses. View upcoming courses for:

View all other training opportunities.

Discussion stats
  • 6 replies
  • 1034 views
  • 1 like
  • 6 in conversation