(Weblogic|Fusion Middelware) - Credential Store Framework (CSF)


A credential store is the repository of security data that certify the authority of entities used by Java 2, J2EE, and ADF applications. Applications can use the Credential Store, a single, consolidated service provider to store and manage their credentials securely.

A credential store provider is responsible for storing and providing access to credentials.

The default credential store provider store Credentials in files in the domain. You can reconfigure the domain to use Oracle Internet Directory, rather than files, to store Credentials.

All the credentials are stored in the file cwallet.sso. You can find it on the FMW configuration directory:

Middleware_Home\user_projects\domains\domain name\config\fmwconfig

Integration of software (OBIEE with BIP, OBIEE with EPM suite) use intensively this mechanisms. For OBIEE 10g, it was the credentialstore.xml file.


Example of WLST script from the installation of sample app to add credentials in the credential store.

connect(sys.argv[1], sys.argv[2],sys.argv[3])
createCred(map="oracle.bi.enterprise",key="wsil.browsing",user="abell",password="Admin123",desc="BI Web Services for SOA browsing key")
createCred(map="oracle.bi.actions",key="JNDIUser",user="abell",password="Admin123",desc="Used for Actions Invoking EJB Methods")
createCred(map="oracle.wsm.security",key="keystore-csf-key",user="owsm",password="Admin123",desc="Credential to open default keystore")
createCred(map="oracle.wsm.security",key="enc-csf-key",user="orakey",password="Admin123",desc="Credential to encode messages")
createCred(map="oracle.wsm.security",key="sign-csf-key",user="orakey",password="Admin123",desc="Credential to sign messages")


Powered by ComboStrap