http://qs1969.pair.com?node_id=928590

nimdokk has asked for the wisdom of the Perl Monks concerning the following question:

I've done a bit of searching here on this topic, but either I'm not asking myself the right question or I'm missing something. I have a script that accesses a Windows app via COM API. The app requires a connection that includes a user name/password to authenticate so you can access and do what you need to do. Currently, the user ID/password are hard coded into the script so anyone on my team who uses the script does the work as that user instead of their own account. I've initiated a request to our vendor to address this so that we can use something like the "currently logged on user" for our authentication via the COM API (this is functionality availble in the GUI front-end but not apparently in the COM API objects we can access). Not sure when this will get done. In the meantime, I'd revising things so that when a user runs the script, it will prompt them for their user ID and then password which would then be passed in to authenticate the connection. My question: is there a good/recommended way to prompt a user for a password and then hash it or do something so that the password is not kept in clear text but can be passed for authenticating the connection to the app. The audience on this functionality is extremely limited to myself and my two co-workers (no one else would be able to run and administer the application using these scripts). I'm really not sure where to begin beyond setting the script up to prompt for user ID/password. Here is what I have at the moment:
use strict; use warnings; use Win32::OLE; use Data::Dumper; ## specify EFT connection information. If the eftadmin password change +s, it needs to be changed here as well. our $domain='OurDomain\\'; our $pass; our $user; CONNECTION: { print "Account ID? "; chomp (my $s_id=<STDIN>); $user=$domain . $s_id; print "Using $user to authenticate.\n"; print "Password? "; chomp (my $pass=<STDIN>); print "Password: $pass\n"; }
One thought I had would be to make the connection right away and then change the value of $pass to some garbage (or set it to undef or something like that so it's no longer valid - it would only be needed once to make the connection - the code to make the connection has not been included in this sample). If there's something I can look at to figure out my issue, please let me know (I'm not looking for a specific answer - just some place I can go to find an answer - or suggestions). If possible, I'd like to avoid having to load additional modules (unless that is the best answer). Thanks in advance