Store and encrypt a text string in the PATROL Agent.







text used by sec_store_get() to identify value


text that you want to put in the secure area of the PATROL Agent Often this function stores a password. In that case, the key is a user ID and value is a password.

application class

application class or classes that can retrieve value. When multiple application classes are given, the application class names should be separated by semi-colons

Application class that called the sec_store_set() function.


The sec_store_set() function enters value into the Secure Key Store (SKS) archive. For more information about the SKS archive, see the PATROL Security User Guide

Use this function to store and encrypt any text string. This function works with sec_store_get(), which you can use to retrieve a value stored by sec_store_set(). The sec_store_set() function returns 1 when successful and 0 when unsuccessful. 

For a complete list of error messages, see the following table. 

errno Value

Description of Failure


The user account that executed this function does not have permission to access the SKS archive.


PATROL could not find the application instance that executed this function.


PATROL could not set this value in the SKS archive.


PATROL could not get this value from the SKS archive.

The application_class parameter is a semi-colon separated list of one or more application classes. To retrieve value, an application class must be on this list. If you do not specify an application_class, sec_store_set() uses the default for this parameter, which is the application class that called sec_store_set(). 

You can use this function to write a PSL script that performs an action that requires a password. For example, the script can use a password to open a database. In this scenario, key is a user ID and value is a password. The sec_store_set() function stores the password in the secure area of the PATROL Agent, and your script uses sec_store_get() to retrieve the password. 

Giving a script password access to a protected resource presents a trade-off between security and usability. Requiring a person to enter a password is generally more secure than delegating this task to a script. The higher level of security, however, comes at a price to the person who has to remember the password or keep it in a safe place. While it is not the safest option, allowing a script to enter a password provides a much higher level of security than not using a password at all. Use this method of password management when you need to provide mid-level security.


This script demonstrates the sec_store_set() function.

sec_store_set("ORACLE/INSTANCE1/JSMITH", "paddy3","PATROL_NT;NT_SYSTEMS");

Was this page helpful? Yes No Submitting... Thank you