4 About the Security Store

This chapter introduces the security store types supported, the package requirements for application security, and the OPSS support for Federal Information Processing Standards (FIPS).

This chapter includes the following sections:

Supported File, LDAP, and Database Stores

OPSS supports the following repositories:

Security store and keystores:
- File-based - XML file
- LDAP-based - Oracle Internet Directory
- Database-based
  - Oracle Database, Express Edition
  - Oracle Database, Standard Edition
  - Oracle Database, Standard Edition One
  - IBM DB2
  - Microsoft SQL Server
Identity store-any LDAP authentication provider supported by Oracle WebLogic Server. File identity stores are supported in Java SE applications only.
Audit store:
- File-based - XML file
- Database-based
  - Oracle Database, Express Edition
  - Oracle Database, Standard Edition
  - Oracle Database, Standard Edition One
  - IBM DB2
  - Microsoft SQL Server

For supported versions, see Oracle Fusion Middleware 12c Certifications at http://www.oracle.com/technetwork/middleware/ias/downloads/fusion-certification-100350.html.

If you are using Oracle Internet Directory version 10.1.4.3 with OPSS, then the patch that fixes bug number 8351672 is required. For a list of patches to various versions of Oracle Internet Directory, see Using an LDAP Security Store.

Packaging Requirements

Application policies are specified in the jazn-data.xml file, and application credentials are specified in the cwallet.sso file. Package these files in the META-INF directory of the application Enterprise ARchive (EAR) file. At application deployment, you typically migrate those policies and credentials to the security store.

FIPS Support in OPSS

FIPS-140 is enabled in the entire Oracle Fusion Middleware stack. For information about FIPS, see FIPS-140 Support in Oracle Fusion Middleware in Administering Oracle Fusion Middleware.