How to use Credential Store Framework API (CSF) to retrieve Key, Username, and Password in Oracle BPEL Java Exec activity

 

In my last post, I have explained how to create a credential in Fusion Middleware using Credential Store Framework (CSF). An usual question arise is why do we need to store the credential in fusion middleware and why do we retrieve them in a Java class. The use case is simple,  we can save all the credentials required for an application in one place.For example, a web application (‘s) may connect to database, Web Service, LDAP, FTP etc. Each required different credential.  In some siuation, the password has to be reset on certain time interval. Instead of sharing the username and password to each developers, they can fetch it from one place by using a Map and  a Key.

A Map in CSF contains multiple unique keys . Each key is associated to  an username and a password. 

 

 If you dont know how to create a credential in fusion middleware then follow the below link before proceed 

How to create a credential in fusion middleware using Credential Store Framework 

 

the following link explains how to retrieve this username and password in a SOAP client 

How to consume the credential in a webservice client 

 

How to retrieve CSF credentials in Oracle BPEL Java Activity 

 

The context on this section is how to retrieve the username and password stored in fusion middleware in a BPEL Java class . I have used Oracle BPEL Java Activity in this example. This example follow the below step

 

  1. This Java class  using credential Store Framework API (CSF)  to retrieve the username, Password and description by a Map and a Key , then it prints the credential in the WebLogic console

 

Before proceed this, Look at the last two images in the  page for the MAP and KEY 

 

Step1: Grant your credential Map In system-jazn-data.xml file

 

 

Edit your system-jazn-data.xml file present under MW_HOME\user_projects\domains\<domain_name>\config\ . Add the following permission in the file. Replace the mapName with you mapName & keyName with your keyName.

You can download my system-jazn-data.xml for reference purpose

 

 

The screenshot of the above property:

 

091817_0534_HowtouseCre1 How to use Credential Store Framework API (CSF) to retrieve key, username and password in Oracle BPEL using Java activity

 

 

Step 2: Grant credential Map in System policy 

 

a). Log into WebLogic Enterprise manager, Expand the WebLogic domain, Right-click on your domain, security and System Policies

 

091817_0534_HowtouseCre2 How to use Credential Store Framework API (CSF) to retrieve key, username and password in Oracle BPEL using Java activity

 

b. Click on the Create button under System Policies

 

c. Input file:${domain.home}/servers/${weblogic.Name}/dc/- in the Codebase & Click the button Add under Create System Grant

 

d. Toggle on the checkbox Select here to enter details for a new permission & input the following property . Replace the mapName with your mapName

 

Permission Class: oracle.security.jps.service.credstore.CredentialAccessPermission

Permission Name: context=SYSTEM,mapName=oracle.wsm.security,keyName=*

Permission Actions: read

 

091817_0534_HowtouseCre3 How to use Credential Store Framework API (CSF) to retrieve key, username and password in Oracle BPEL using Java activity

 

e. Click Ok and Ok again

 

Step3: The BPEL Project with Java exec activity

 

  • Add the jps-manifest.jar file in your BPEL project classpath. The Jar file is present under MW_HOME\oracle_common\modules\oracle.jps_12.x.x\

 

  • Create a Java class that retrieves the username and password from WebLogic credentials:

 

 

 

  • Import the following Java Classes in your .bpel process :

 

 

  • Call the java method in your BPEL Java Activity:

 

 

  • Deploy the Project 

 

My sample BPEL Project: BPEL_CSF_API

 

Step 4:- Grant your deployed BPEL Java classes  in weblogic.policy 

 

  • Open the weblogic.policy file under MW_HOME\wlserver\server\lib folder . You can download my weblogic.policy file for reference. 

 

Note: You can find the deployed application location from YOUR_CLASS_LOCATION variable in the above Java class

 

 

 

Testing: 

 

The following is the credential stored in my weblogic server 

 

091817_0534_HowtouseCre4 How to use Credential Store Framework API (CSF) to retrieve key, username and password in Oracle BPEL using Java activity

 

The Bpel Java activity prints the following response:

 

091817_0534_HowtouseCre5 How to use Credential Store Framework API (CSF) to retrieve key, username and password in Oracle BPEL using Java activity

 

 

govindan How to use Credential Store Framework API (CSF) to retrieve key, username and password in Oracle BPEL using Java activity
Connect me

Govind

Thank you for visiting my personal blog. Myself Govindan, Software Developer by profession since 2006 and hence I started this blog early in 2016 and ever since I've been writing about technologies experienced and learnings of everyday life.

The views expressed on this blog are my personal views and do not necessarily reflect the views of my employer.

Please feeling free to reach me on any comments and feedbacks you have. Would be more than glad to listen and reply 🙂
govindan How to use Credential Store Framework API (CSF) to retrieve key, username and password in Oracle BPEL using Java activity
Connect me
By | 2017-09-18T23:02:56+00:00 September 18th, 2017|Categories: BPEL|Tags: , , , |0 Comments
Like us on Facebook.
Connect!