2.5.2 Setup the Password Stores for Database User Accounts

This section describes how to setup the Password Stores for Database User Accounts.

After the database is installed and the default database user accounts are set up, administrators must set up a password store using the Oracle Wallet. This involves assigning an alias for the username and associated password for each database user account. The alias is used later during the application installation. This password store must be created on the system where the application server and database client are installed.This section describes the steps to create a wallet and the aliases for the database user accounts.
For more information on configuring authentication and password stores, see Oracle Database Security Guide.

Note:

In this section, <wallet_location> is a placeholder text for illustration purpose. Before running the command, ensure that you have already created the <wallet_location> directory where you want to create and store the wallet.
To create a wallet:
  1. Log in to the server as a Linux user.
  2. Create a wallet in the <wallet_location> using the following command:
    mkstore -wrl <wallet_location> -create

    Note:

    The mkstore utility is included in the Oracle Database Client installation.
  3. After you run the command, a prompt appears. Enter a password for the Oracle Wallet in the prompt.
  4. Create the database connection credentials for the studio schema/ER Schema alias using the following command:
    mkstore -wrl <wallet_location> -createCredential <alias-name> <databaseuser- name>
    After you run the command, a prompt appears. Enter the password associated with the database user account in the prompt. You are prompted to re-enter the password. You are prompted for the wallet password used in Step 1
  5. Create the database connection credentials for the atomic schema alias using the following command:
    mkstore -wrl <wallet_location> -createCredential <alias-name> <databaseuser- name>

    Note:

    Creating an atomic schema is not required when installing Compliance Studio without OFSAA.
    In this manner, create a wallet and associated database connection credentials for all the database user accounts.
    The wallet is created in the <wallet_location> directory with the auto-login feature enabled. This feature enables the database client to access the wallet contents without using the password. For more information, see Oracle Database Security Guide.
    After the wallet is created, go to the <wallet_location> directory and click RefreshRefresh to view the created wallet folder.

    Figure 2-3 Location of the Created Wallet Folder

    Description of Figure 2-3 follows
    Description of "Figure 2-3 Location of the Created Wallet Folder"
    The wallet folder contains two files - ewallet.p12 and cwallet.sso.
  6. In the <wallet_location> directory, configure the tnsnames.ora file to include the entry for each alias name to be set up.

    Figure 2-4 Snapshot of the tnsnames.ora file

    Description of Figure 2-4 follows
    Description of "Figure 2-4 Snapshot of the tnsnames.ora file"

    Note:

    • You can either update the existing tnsnames.ora file with the above details or create new tnsnames.ora file and add the required entries.
    • <alias-name> is a user-defined value.
  7. Create a sqlnet.ora file in the wallet directory using the following content:
    WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY = <Wallet_Location>)) )
    SQLNET.WALLET_OVERRIDE=TRUE
    SSL_CLIENT_AUTHENTICATION=FALSE