5 External Password Storage

Depending on the type of store deployment, there are two ways passwords can be externally stored. For Enterprise Edition (EE) deployments, Oracle Wallet is used. For Community Edition (CE) deployments, a simple read protected clear-text password file is used.

In the most basic mode of operation, external passwords are used only by the server to track the keystore password. User passwords, which are stored securely within the database, can also be supplied during client authentication.

When a password store is used as a component of a login file, the alias that is used for the password store type should be the username to which the password applies. For example, for a user named root, the password should be stored under the alias root.

When a password store is used as part of the server, the alias keystore is used. The user password store should be a completely different file than the one in the security directory located under KVROOT.