Credentials used by the system are stored in a single secure credential store. Oracle Wallet is the default credential store file (cwallet.sso).
The credential store alternatively can be LDAP-based and Oracle Internet Directory is the supported LDAP server in this release. LDAP-based credential stores are configured and administered using Oracle Enterprise Manager Fusion Middleware Control or WLST commands.
Each credential is uniquely identified by a map name and a key name. Each map contains a series of keys and each key is a credential. The combination of map name and key name must be unique for all credential store entries. The following credential maps are used by BI Publisher:
oracle.bi.system: Contains the credentials that span the entire BI Publisher platform.
oracle.bi.publisher: Contains the credentials used by only BI Publisher.
The following two credential types are supported:
Password: Encapsulates a user name and a password.
Generic: Encapsulates any customized data or arbitrary token, such as public key certificates.
To facilitate getting started with your development environment, default credentials are inserted into the file-based credential store during installation. Be aware that BI Publisher credentials such as user passwords are stored in the identity store and managed with its corresponding administrative interface.
Credentials can be managed either in Fusion Middleware Control or using WLST command.
For more information about both methods, see "Managing the Domain Credential Store" in Securing Applications with Oracle Platform Security Services.
If using Oracle Business Intelligence as a data store, BI Publisher establishes system communication with it as BISystemUser.
If you change the BISystemUser password in the identity store administrative interface, you also must change the password in the credential store (oracle.bi.system credential map). This applies if you have created a custom application role to take the place of the default BISystemUser. Components cannot communicate with each other if the credentials are out-of-sync. For more information about how Oracle Business Intelligence uses BISystemUser for trusted system communication, see Security Guide for Oracle Business Intelligence Enterprise Edition.