Page tree
Skip to end of metadata
Go to start of metadata

Security Concepts in EEM

Protecting Passwords

The central security concept to store sensitive data like passwords is secure variables. Secure variables are not stored as part of the normal script configuration. Instead, only references to dedicated secure storages are stored in the script configuration. Depending on the execution context (editor or robot) different implementations for the secure storage are used.


On editor side the Equinox secure storage architecture is used. Check the Eclipse documentation links on implementation details:

The encrypted data is stored in the file %USERPROFILE%\.eclipse\\secure_storage.


On robot side secure variables are stored in the application configuration of the EEM agelet. In the file system, these properties are persisted in the file \usr\sap\DAA\SMDA98\SMDAgent\applications.config\ Location varies depending on agent SID and instance. The encryption status and algorithm can be displayed for each diagnostics agent via diagnostics agent administration. Click button More Details - then column File System Encryption will display the encryption status and the algorithm used.


When transferring secure properties between editor, robot, and Solution Manager use of SSL is recommended.


Care is taken in general to make sure that secure variables are not shown in clear text in the user interface or in log files. There are, however, some exceptions:

  • If you add secure variables as URL parameters there is no protection. For a URL like http://host:port/?password=\{mysecurevariable} the value of mysecurevariable might show up in the logs. Since passing passwords as URL parameters is in general highly insecure and discouraged this is not considered as an EEM limitation.
  • Passwords may be contained in recordings of the EEM client plugin, especially in POST bodies. The EEM editor removes the passwords with well-known parameters like sap-password and j_password in the recording which is copied to the editor workspace, but it does not touch the original recording (Since 7.1 SP8).
  • Values for secure properties may show up in HTTP stream traces if they are not recognized as password parameters, i.e. if they are not associated with the parameters j_password or sap-password.
  • No labels