Configure WebLogic Credentials Store using Credential Store Framework ( CSK )
In some situation, Oracle SOA composite, or ADF application depends on username and password to communicate to a third-party system like Web Service, RMI, etc. Storing the credential inside the application is a bad design. It leads into a transparency of password; Also, the credentials may vary on each environment like DEV, QA, and PROD. So, the question usually arise where to store the username and password that application is looking for?
Oracle Fusion Middleware provides Credential Store Framework ( CSF ). Using it, we can store the application dependent credentials inside WebLogic server. All it requires is a MAP and KEY. A map is the placeholder of one of more key. A key is the holder of username and password. The password is encrypted.
For example, I have an application MyApp that communicates with three third party system, a Web Service, an LDAP Store and an RMI server. Each requires the credential to authenticate. So below is Credential Store of MyApp application in FMW look like.
Note: Use oracle.wsm.security as map name if your application is Oracle SOA Composite & using this credential store in your web service client because the built-in module Web Services Manager (WSM) takes care of your web service authentication automatically.
For example, In SOA Composite, use Oracle/wss_username_token_client_policy as security policy and mention the store key name in CSF variable in all the Web Service client.
We can create this credential store using WLST or Enterprise Manager. In this section, we walk through how to create a Credential store using WebLogic Enterprise manager and oracle.wsm.security as map name.
Create a Credential Store
1. Login into the WebLogic Enterprise Manager as an admin user. The default URL is http://HOSTNAME:PORT/em
The Fusion Middleware that I am using is version 12.2.1
2. Go to WebLogic Domain, Security, and Select Credentials
In older version: Expand WebLogic Domain, Right-click on your domain, Security, Credentials
3. Click on Create Map button, enter oracle.wsm.security as MAP Name & Click Ok
4. Select the Map oracle.wsm.security and click the button Create Key. Input the following details
Key => The key name is important. This is Key Store Name. You need this name to mention in CSF attribute in web service client
User Name => Your web service login name
Password => Your web service password
Note: Don’t change the map name unless you are going to use it other than web service
That’s it we are done with configuring a key store using Credential Store Framework. In my upcoming post, I will explain the following topics
3. How to use this credential Store in an ADF Application
4. How to use this Credential Store in a BPEL Java execution
5. How to use credential store framework in a java web application
The views expressed on this blog are my personal views and do not necessarily reflect the views of my employer.
Please feeling free to reach me on any comments and feedbacks you have. Would be more than glad to listen and reply 🙂