Access OpenHAB RESTful service from rules - how to remove clear text password?

Thanks for the good community, I have found a solution to iterate over Things via RESTful service to find out and send alert when Things are offline. However in my current solution I have to enable HTTP basic authentication, and put username and password as clear text in rules file. Since I use GitHub to keep versions of rules, I don’t feel secure include username/password there. So I’d like to ask what are my options if I don’t want to hard code username/pwd in my rules?

    val json = sendHttpGetRequest("http://user:password@192.168.1.xx:xxxx/rest/things")
  1. Is there a way to put username/password as sort of environment property so rules just read from those properties?
  2. Possible to call RESTful service without authentication (if the call is made from the same IP or within OpenHAB)?

Many thanks in advance!

With executeCommandLine you should have access to environment variables as well as to the filesystem. Set a variable within the rule or use an item carrying the value based on the returned value of executeCommandLine.