Oracle Commerce Platform 11.1 - Credential Store Framework

Credential Store Framework

The following files enable CSF to work with the Credential Store.

OPSS Initializer

Class	`atg.security.opss.OPSSInitializer`
Component	`/atg/dynamo/server/OPSSInitializer`

This class is responsible for starting JPS Services by loading the JPSConfigurationLocation property and calling JPSStartup. It also calls the Credential Store. The JPSConfiguration points to the jps-config.xml file, which contains all of the OPSS configuration information.

Credential Store Manager

Class	`atg.security.opss.csf.CredentialStoreManager`
Component	`/atg/dynamo/security/csf/CredentialStoreManager`

This class makes the calls that store and retrieve credentials from the credential store. Uses the map, key and credential properties parameters. It initiates JPS, retrieves the credential store and stores credentials in the store. Also used to delete credentials from the credential store.

Credential Store Manager Admin Servlet

Class

atg.security.opss.csf.CredentialStoreManagerAdminServlet

This Java Bean servlet creates the UI that allows a user to work with credentials. It also stores or deletes credentials in the credential store.

Credential Framework Constants

Class

atg.security.opss.csf.CredentialFrameworkConstants

Defines valid startup and credential types, which are generic, login, or database. Also identifies JPS system properties.

Credential Broker

Class

atg.security.opss.csf.CredentialBroker

Retrieves credentials from the Credential Store and populates the connection properties for the implementing class. Any class that needs credentials from the credential store should use this class.

Credential Map Properties

Class

atg.security.opss.csf.CredentialMapProperties

This class sets the properties of the credential map, and associates values and credential properties with the specified key.

Credential Properties

The following credential type classes are used:

Class

atg.security.opss.csf.CredentialProperties atg.security.opss.csf.GenericCredentialProperties atg.security.opss.csf.LoginCredentialProperties atg.security.opss.csf.DatabaseCredentialProperties

These classes set the properties for each of the credential types. They identify if the credential type is valid, and then return the associated values.

The CredentialProperties class validates the credential type to be valid. If the credential is valid, it shows the first letter of the value and masks the rest of the value. It sets or returns the following parameters:

expirationTime – The time that the credential expires.
credentialType – Validates if the credential matches a valid credential type (generic, login or database).
value – The value of the credential, which is masked.

The GenericCredentialProperties class sets properties for the generic credential type. It uses the following parameter:

singleCredential – Indicates that a single line or string is used as a credential.

The LoginCredentialProperties class sets properties for the login credential type. It sets or returns the following parameters:

username – The user’s account name.
password – The user’s password.

The DatabaseCredentialProperties class sets properties for the database credential type. It sets or returns the following parameters:

username – The user’s account name.
password – The user’s password.
resourceLocation – The URL or resource location of the database.
port – The port used to access the database.

For an example of using OPSS, refer to the CIM Developer's Guide.

For detailed information on working with Oracle Platform Security Services and Credential Store Framework, refer to the Oracle documentation located at: http://www.oracle.com/technetwork/middleware/id-mgmt/index-100381.html.

Copyright © 1997, 2015 Oracle and/or its affiliates. All rights reserved. Legal Notices