Sometimes we need to use credentials (username and password)
in ADF applications to connect to backend applications.
We had a scenario where we needed to add attachments to the Imaging
server using imaging webservice from an adf form. To access this particular
service, we needed to use credentials of the Admin user, in our case it was
'weblogic'.
Considering these credentials can be different per
environment, you would be tempted to put it in a properties file or in a
database table. This is a big security risk considering the passwords can be in
plain text format. You can apply encryption and decryption mechanism to store
the password in encrypted format, but that requires additional development time
and still not fool proof.
Oracle Platform Security Services includes the Credential
Store Framework (CSF), a set of APIs that applications can use to create, read,
update, and manage credentials securely OPSS is inherent part of Fusion
Middleware Security and can be used within applications running on fusion
middleware platform.
The Credential store basically comprises of maps with unique
names and each map can store or retrieve credentials based on a unique Key, for
which we need to create a credential store entry for the Key, update the
jazn-data.xml file of your ADF application to allow credential store to be
accessed by the application and finally write a java code to access the
credential store.
- Adding a key "basic.credential" to an already existing map "oracle.wsm.security"
- Log
into Enterprise Manager and select your
weblogic domain , from the drop down select securities and then click on
Credentials
- Select
the map(in our case we are using an already existing map “oracle.wsm.security”) where you want to
add the key and click on Create Key
- Following
window opens , where you can fill the details and click OK
- Your
key is now created and map is updated
- Open
you adf project and update its jazn-data.xml to add following credential access
permission to use newly created key in credential store
<jazn-policy>
<grant>
<grantee>
<codesource>
<url>file:${domain.home}/servers/${weblogic.Name}/tmp/_WL_user/CodeFormApp_V2.0/
</url>
</codesource>
</grantee>
<permissions>
<permission>
<class>oracle.security.jps.service.credstore.CredentialAccessPermission</class>
<name>context=SYSTEM,mapName=oracle.wsm.security,keyName=basic.credential</name>
<actions>*</actions>
</permission>
</permissions>
</grant>
</jazn-policy>Above mentioned policy enables access to the credential store for the application containing the java class implementing the credential store access.Where CodeFormApp_V2.0 is the name of our ADF application.
The name of your application is the name of your EAR and appended with _V2.0 if ADF Security is enabled. You can also validate the path of your deployed application from the value of url in the codesource element of the jazn policy mentioned above. - Now add the following code to your java class to retrieve the user credentials
public String[] getUserCredentials() {
String[] password = new String[2];
try {
JpsContextFactory factory = JpsContextFactory.getContextFactory();
JpsContext jpsContext = factory.getContext();
final CredentialStore store =
jpsContext.getServiceInstance(CredentialStore.class);
Credential cred =
AccessController.doPrivileged(new PrivilegedExceptionAction<PasswordCredential>() {
public PasswordCredential run() throws JpsException {
return (PasswordCredential)store.getCredential("oracle.wsm.security",
"basic.credential");
}
});
PasswordCredential pwdCred = (PasswordCredential)cred;
password[0] = pwdCred.getName();
password[1] = new String(pwdCred.getPassword());
} catch (PrivilegedActionException exc) {
system.out.println(
"Error getting credentials from default store:" +
exc.getMessage() + "\nStackstrace: " + exc.getStackTrace());
exc.printStackTrace();
}
return password;
}
Where password[0] is the value of username and password[1] is the value of password.
Above values can be used to access the webservice.
I hope that this code tip helps you out!
Thanks to Siddhartha Agarwal for today's article.
-ryan
Hi Ryan
ReplyDeleteI followed your instructions, but i am getting below error
access: access denied (oracle.security.jps.service.credstore.CredentialAccessPermission context=SYSTEM,mapName=oracle.wsm.security,keyName=FusionCloudWSSecurityKey read)
Below is my Jazn-data.xml
file:${oracle.deployed.app.dir}/ERPCloudIntegrationsOutboundADFApplication${oracle.deployed.app.ext}
oracle.security.jps.service.credstore.CredentialAccessPermission
context=SYSTEM,mapName=oracle.wsm.security,keyName=FusionCloudWSSecurityKey
read
Can you help please, what am i missing.
I am very fond of your blogging and posting. I like you every post.
ReplyDeleteI am also getting same error "access denied". Can anyone have answer ?
ReplyDeleteHere you will find some explanation on types of essays that are common in the college. I think that you should check them out before you decide to write essay.
ReplyDeleteVery Interesting and wonderfull information keep sharing
ReplyDeleteRead More
share info of the healthy
ReplyDeleteObat penghilang Lemak di Mata
thanks for permission
Faridabad call girls
ReplyDeleteFaridabad call girl
Faridabad escorts
Faridabad escort
Escort services in Faridabad
Escort services in Faridabad
Call girls in Faridabad
Call girl in Faridabad
Faridabad escort services
Faridabad escort service
Escorts in Faridabad
Escorts in Faridabad
Escorts in Faridabad
Escorts in Faridabad
Escort in Faridabad
Escort in Faridabad
Escort in Faridabad
Escort in Faridabad
Escort services in Faridabad
Escort services in Faridabad
Escort services in Faridabad
Escort services in Faridabad
Escort service in Faridabad
Escort service in Faridabad
Escort service in Faridabad
Escort service in Faridabad
Faridabad escort
ReplyDeleteChandigarh escort
Jammu escort
Pune escort
Faridabad escorts
Chandigarh escorts
Jammu escorts
Pune escorts
Faridabad call girls
Chandigarh call girls
Jammu call girls
Pune call girls
Faridabad call girl
Chandigarh call girl
Jammu call girl
Pune call girl
Escort service in Faridabad
Escort service in Chandigarh
Escort service in Jammu
Escort service in Pune
Escort services in Faridabad
Escort services in Chandigarh
Escort services in Jammu
Escort services in Pune
Escorts in Faridabad
Escorts in Chandigarh
Escorts in Jammu
Escorts in Pune
Call girls in Faridabad
Call girls in Chandigarh
Call girls in Jammu
Call girls in Pune
This is so much amazing .so,you can also visite my links.
ReplyDeletecall girls in kolkata
russian escorts in kolkata
kolkata call girls
call girls kolkata
escorts in kolkata
kolkata escort
housewife escorts in kolkata
college call girls in kolkata
call girls in park street
escorts in park street
call girls in gurgaon
call girl in gurgaon
gurgaon call girls
escorts in gurgaon
gurgaon escorts
gurgaon escort
Escort services in Gurgaon
Escort service in Gurgaon
russian escorts in gurgaon
housewife escorts in gurgaon
college call girls in gurgaon
Call girls in Noida
Call girl in Noida
Escorts in Noida
Escort services in Noida
Escort service in Noida
Noida Escorts
Noida Escort
Noida Call girls
Noida Call girl
Call Girl in Faridabad
ReplyDeleteCall Girl in Faridabad
Call Girl in Faridabad
Call Girl in Faridabad
Faridabad Call girls
Faridabad Call girls
Faridabad Call girls
Faridabad Call girls
Faridabad Call girl
Faridabad Call girl
Faridabad Call girl
Faridabad Call girl
Faridabad Escorts
Faridabad Escorts
Faridabad Escorts
Faridabad Escorts
Faridabad Escort
Faridabad Escort
Faridabad Escort
Faridabad Escort
Call girls in Gurgaon
ReplyDeleteCall girls in Lucknow
Call girls in Guwahati
Call girl in Gurgaon
Call girl in Lucknow
Call girl in Guwahati
Gurgaon call girls
Lucknow call girls
Guwahati call girls
Bangalore call girls
Gurgaon call girl
Lucknow call girl
Guwahati call girl
Bangalore call girl
Escorts in Gurgaon
Escorts in Lucknow
Escorts in Guwahati
Escorts in Bangalore
Escort services in Gurgaon
Escort services in Lucknow
Escort services in Guwahati
Escort services in Bangalore
Escort service in Gurgaon
Escort service in Lucknow
Escort service in Guwahati
Escort service in Bangalore
Gurgaon escorts
Lucknow escorts
Guwahati escorts
Bangalore escorts
Gurgaon escort
Lucknow escort
Guwahati escort
Bangalore escort