Login Credentials and Encryption
When a connection is registered, it may be passed login credentials (user name, password, and a trusted connection flag). When adding a connection, these credentials should be passed as separate parameters (the exception being a DSN (Data Source Name) that may already contain these credentials in the DSN).
Normally, this information is stored in the connections INI file. The password will be encrypted. The credentials are read and decrypted as part of LoadStoredConnections. The credentials are encrypted and written by sending the message StoreConnectionIdCredentials. Augmentable interfaces exist for encrypting and decrypting passwords, as well as for reading and writing credentials to the connections INI file.
StoreConnectionIdCredentials
The StoreConnectionIdCredentials method is used to store login credentials (user name, password, and trusted connection) in the connections INI file. This is the message used by the database login dialog to store successful login credentials.
This method first encrypts the password by sending EncryptPassword and then stores the credentials by calling OnWriteCredentials. While this method can be augmented, you should first look into augmenting EncryptPassword, DecryptPassword, OnWriteCredentials, and OnReadCredentials.
EncryptPassword and DecryptPassword
EncryptPassword is used to encrypt a password. It is passed the plain text password and returns the encrypted password.
DecryptPassword is used to decrypt a password. It is passed an encrypted password and returns a plain text password.
Both functions first test the pbEncryptPassword property. If False, encryption is disabled, and the same value passed in is returned.
If the pbEncryptPassword is true, EncryptPassword and DecryptPassword send this same message on to a password encryption object. This is an object that is added by using the login encryption package (e.g., Use LoginEncryption.pkg). The actual encryption/decryption occurs in this package. This package can be replaced with your own custom package where you can augment DecryptPassword and EncryptPassword to handle custom encryptions.
Because customization is handled by the encryption login object, you should not normally augment the EncryptPassword and DecryptPassword functions in the cConnection class.
OnReadCredentials and OnWriteCredentials
LoadStoredConnections is used to read the connections INI file. The method calls the OnReadCredentials event, which reads the user name, password, and trusted connections flag from the INI file.
The StoreConnectionIdCredentials method calls the OnWriteCredentials event to write credentials to the connections INI file.
The OnReadCredentials and OnWriteCredentials events contain code (they are not empty). You can replace this code with your own custom code. If you do this, you will almost always augment the OnReadCredentials and OnWriteCredentials as a pair. You might do this to read/write the data to a different location (e.g., registry instead of a connections INI file) or to read/write the data using a special INI key name (e.g., PWD1= instead of PWD=).
If password encryption is used, the password passed into OnReadCredentials and OnWriteCredentials is encrypted.