About
A credential store is the repository of security data that certify the authority of entities used by Java 2, J2EE, and ADF applications. Applications can use the Credential Store, a single, consolidated service provider to store and manage their credentials securely.
A credential store provider is responsible for storing and providing access to credentials.
The default credential store provider store Credentials in files in the domain. You can reconfigure the domain to use Oracle Internet Directory, rather than files, to store Credentials.
All the credentials are stored in the file cwallet.sso. You can find it on the FMW configuration directory:
Middleware_Home\user_projects\domains\domain name\config\fmwconfig
Integration of software (OBIEE with BIP, OBIEE with EPM suite) use intensively this mechanisms. For OBIEE 10g, it was the credentialstore.xml file.
Articles Related
WLST
Example of WLST script from the installation of sample app to add credentials in the credential store.
connect(sys.argv[1], sys.argv[2],sys.argv[3])
createCred(map="oracle.bi.enterprise",key="wsil.browsing",user="abell",password="Admin123",desc="BI Web Services for SOA browsing key")
createCred(map="oracle.bi.actions",key="JNDIUser",user="abell",password="Admin123",desc="Used for Actions Invoking EJB Methods")
createCred(map="oracle.wsm.security",key="keystore-csf-key",user="owsm",password="Admin123",desc="Credential to open default keystore")
createCred(map="oracle.wsm.security",key="enc-csf-key",user="orakey",password="Admin123",desc="Credential to encode messages")
createCred(map="oracle.wsm.security",key="sign-csf-key",user="orakey",password="Admin123",desc="Credential to sign messages")
exit()
where:
- the wsil.browsing account is used for the OBIEE Web Services for SOA
- the JNDIuser account is used in invokation of EJB through OBIEE Action framework.
- the other key in the map oracle.wsm.security are used by the BI Server in order to make a web service connection with Weblogic. See: Configuring Oracle Web Services Manager