Monday, December 23, 2013

Accessing Credential Store from ADF application

Sometimes we need to use credentials (username and password) in ADF applications to connect to backend applications.

We had a scenario where we needed to add attachments to the Imaging server using imaging webservice from an adf form. To access this particular service, we needed to use credentials of the Admin user, in our case it was 'weblogic'.

Considering these credentials can be different per environment, you would be tempted to put it in a properties file or in a database table. This is a big security risk considering the passwords can be in plain text format. You can apply encryption and decryption mechanism to store the password in encrypted format, but that requires additional development time and still not fool proof.

Oracle Platform Security Services includes the Credential Store Framework (CSF), a set of APIs that applications can use to create, read, update, and manage credentials securely OPSS is inherent part of Fusion Middleware Security and can be used within applications running on fusion middleware platform.
The Credential store basically comprises of maps with unique names and each map can store or retrieve credentials based on a unique Key, for which we need to create a credential store entry for the Key, update the jazn-data.xml file of your ADF application to allow credential store to be accessed by the application and finally write a java code to access the credential store.

Below are the steps you need to follow to access the credential store from ADF application:
  1. Adding a key "basic.credential" to an already existing map ""
  2. Log  into Enterprise Manager and select your weblogic domain , from the drop down select securities and then click on Credentials

  3. Select the map(in our case we are using an already existing  map “”) where you want to add the key and click on Create Key

  4. Following window opens , where you can fill the details and click OK

  5. Your key is now created and map is updated

  6. Open you adf project and update its jazn-data.xml to add following credential access permission to use newly created key in credential store 


    Above mentioned policy enables access to the credential store for the application containing the java class implementing the credential store access.
    Where CodeFormApp_V2.0  is the name of our ADF application.

    The name of your application is the name of your EAR and appended with _V2.0 if ADF Security is enabled. You can also validate the path of your deployed application from the value of url in the codesource element of the jazn policy mentioned above. 

  7. Now add the following code to your java class to retrieve the user credentials

    public  String[] getUserCredentials() {
            String[] password = new String[2];
            try {
                JpsContextFactory factory = JpsContextFactory.getContextFactory();
                JpsContext jpsContext = factory.getContext();
                final CredentialStore store =
                Credential cred =
                    AccessController.doPrivileged(new PrivilegedExceptionAction<PasswordCredential>() {
                        public PasswordCredential run() throws JpsException {
                            return (PasswordCredential)store.getCredential("",
                PasswordCredential pwdCred = (PasswordCredential)cred;
                password[0] = pwdCred.getName();
                password[1] = new String(pwdCred.getPassword());
            } catch (PrivilegedActionException exc) {
                              "Error getting credentials from default store:" +
                              exc.getMessage() + "\nStackstrace: " + exc.getStackTrace());

            return password;

    Where password[0] is the value of username and password[1] is the value of password.

    Above values can be used to access the webservice.

I hope that this code tip helps you out!

Thanks to Siddhartha Agarwal for today's article.



  1. Hi Ryan
    I followed your instructions, but i am getting below error
    access: access denied ( context=SYSTEM,,keyName=FusionCloudWSSecurityKey read)

    Below is my Jazn-data.xml


    Can you help please, what am i missing.

  2. I am very fond of your blogging and posting. I like you every post.

  3. I am also getting same error "access denied". Can anyone have answer ?

  4. Here you will find some explanation on types of essays that are common in the college. I think that you should check them out before you decide to write essay.

  5. Very Interesting and wonderfull information keep sharing
    Read More

  6. If you are in Jaipur and need beautiful Jaipur Escorts or white skin Jaipur Escorts then you can simply book call girls in Jaipur from one of the best escort agency named Jaipur Escorts. It is No.1 premier escort agency and provide both incall or outcall facility to clients.Please click on the following link to check the official websites Jaipur Escorts

  7. Avail the best Siemens swot analysis and HR case study examples with History case study answers at My AssignmentHelp. They are a team of highly skilled professionals at providing complete assignments in any educational field.

  8. Everything should be based on fact. The arrangement of fact and information is not an easy task sometimes it becomes a very tough task to do in such cases student can go through online Assignment Help , and these services are very reliable, and they can provide information about any topic related to the academics. If you need any college level Assignment Help at reliable quality with better work. Kindly visit our website.

  9. You will feel good connecting with most of our tutors. 24 * 7 service and support is provided to all our users. We help with projects requiring All Assignment Help work. Get My Homework Done


  10. The hectic world, a usual silhouette of wrinkled-faces and lack of time & good people make absolute absence of Love in our lives. Only a smile means to exist in the whole world bringing itself a Comet of Love. So it takes you believe onFemale Escorts in Agraliable to fulfill your lives with real sense of love. Check our other Services...
    Russian Escorts in Agra
    Escorts in Agra
    Female Escorts in Agra
    Russian Escorts in Agra
    Russian Escorts in Agra