Thanks to SAS's Personal Login Manager, the initial connection to the remote server works without password (or password hash). However, it seems to be necessary to specify the passwords of the individual databases (user xxuser
password xxpwd
, see example below).
Is there a way connecting to different databases on a database server without password (hash) in the SAS code?
/* Connect to database server works without password
thanks to SAS's Personal Login Manager */
%dosignon(srvcomponent=xxxremoteSAS);
/* SQL direct pass-through to server */
rsubmit;
/* Define SAS-libraries (on server) */
libname remote_db_a db2 dsn=dbxa schema=xxschema1 user=xxuser password= "xxpwd";
libname remote_db_b db2 dsn=dbxa schema=xxschema2 user=xxuser password= "xxpwd";
endrsubmit;
/* Link local library names with the ones the server */
libname remote_db_a a libref=remote_db_a server=&sessid.;
libname remote_db_b a libref=remote_db_b server=&sessid.;
A work-around is to encode the password string with proc pwencode in="plaintextPassword"; run;
and to use this hash instead of xxpwd
in the soruce code. A potential attacker can now no longer use the password to access other accounts, but of course can still access any database.
PS: I am new to SAS, so the SAS documentation looks like a book with seven seals to me. I asked various SAS experts, but I am not satisfied with the password-hashing suggestion.
Related questions and answers: