Configure WebLogic Credentials Store using Credential Store Framework ( CSK )

Home/BPM, WebLogic/Configure WebLogic Credentials Store using Credential Store Framework ( CSK )

Configure WebLogic Credentials Store using Credential Store Framework ( CSK )

In some situation, Oracle SOA composite, or ADF application depends on username and password to communicate to a third-party system like Web Service, RMI, etc. Storing the credential inside the application is a bad design. It leads into a transparency of password; Also, the credentials may vary on each environment like DEV, QA, and PROD. So, the question usually arise where to store the username and password that application is looking for?

 

Oracle Fusion Middleware provides Credential Store Framework ( CSF ). Using it, we can store the application dependent credentials inside WebLogic server. All it requires is a MAP and KEY. A map is the placeholder of one of more key. A key is the holder of username and password. The password is encrypted.

 

For example, I have an application MyApp that communicates with three third party system, a Web Service, an LDAP Store and an RMI server. Each requires the credential to authenticate. So below is Credential Store of MyApp application in FMW look like.

 

031117_1722_ConfigureCr1 Configure WebLogic Credentials Store using Credential Store Framework ( CSK )

 

Note: Use oracle.wsm.security as map name if your application is Oracle SOA Composite & using this credential store in your web service client because the built-in module Web Services Manager (WSM) takes care of your web service authentication automatically.

For example, In SOA Composite, use Oracle/wss_username_token_client_policy as security policy and mention the store key name in CSF variable in all the Web Service client.

We can create this credential store using WLST or Enterprise Manager. In this section, we walk through how to create a Credential store using WebLogic Enterprise manager and oracle.wsm.security as map name.

 

Create a Credential Store

 

1. Login into the WebLogic Enterprise Manager as an admin user. The default URL is http://HOSTNAME:PORT/em

The Fusion Middleware that I am using is version 12.2.1

031117_1722_ConfigureCr2 Configure WebLogic Credentials Store using Credential Store Framework ( CSK )

 

2. Go to WebLogic Domain, Security, and Select Credentials

In older version: Expand WebLogic Domain, Right-click on your domain, Security, Credentials

 

031117_1722_ConfigureCr3 Configure WebLogic Credentials Store using Credential Store Framework ( CSK )

 

3. Click on Create Map button, enter oracle.wsm.security as MAP Name & Click Ok

 

031117_1722_ConfigureCr4 Configure WebLogic Credentials Store using Credential Store Framework ( CSK )

 

4. Select the Map oracle.wsm.security and click the button Create Key. Input the following details

Key => The key name is important. This is Key Store Name. You need this name to mention in CSF attribute in web service client

User Name => Your web service login name

Password => Your web service password

Note: Don’t change the map name unless you are going to use it other than web service

 

031117_1722_ConfigureCr5 Configure WebLogic Credentials Store using Credential Store Framework ( CSK )

 

That’s it we are done with configuring a key store using Credential Store Framework. In my upcoming post, I will explain the following topics

1. Create a WebService that support Credential Store Framework  

2. How to use the Credential Store in a web service client in an SOA Composite

3. How to use this credential Store in an ADF Application

4. How to use this Credential Store in a BPEL Java execution

5. How to use credential store framework in a java web application

pgn Configure WebLogic Credentials Store using Credential Store Framework ( CSK )

Govind

Thank you for visiting my personal blog. Myself Govindan, Software Developer by profession since 2006 and hence I started this blog early in 2016 and ever since I've been writing about technologies experienced and learnings of everyday life.

The views expressed on this blog are my personal views and do not necessarily reflect the views of my employer.

Please feeling free to reach me on any comments and feedbacks you have. Would be more than glad to listen and reply 🙂
pgn Configure WebLogic Credentials Store using Credential Store Framework ( CSK )
Like us on Facebook.
Connect!