• Adi Jaradat

Securing Database Credentials using Oracle Wallet

Updated: Feb 18

Oracle wallet is a secure way to store and secure database credentials, it is a very secure way to keep those sensitive information safe.

Oracle wallet

A Security Challenge


Assume you need to deploy a custom application and assume this application connects to Oracle database, a typical approach would be to store the database credentials in a config or properties file. To make things even more secure, lets slap in an encryption logic. Things look good so far, but what if more apps need to be deployed! Or there is an update to the connection details!


Implementing an encryption logic and sharing it through all future applications is one way to go but you need to manage one more (risky) library!

The Wallet way


To cut it short, Oracle wallet allows you to “encapsulate” the database credentials (and more) and secure it using Oracle technology (and license) so that you don’t have to worry about managing, securing, and updating your database connection credentials. Of course, someone has to keep the connection details up-to-date, but that would be the DBA.


I won’t spend more time talking about Oracle Wallet because I have some links in the references section, just one more note, the DBA can create the wallet so that it works on any machine or a very specific machine only.


JDBC Connection


This is a short (modified) snippet which should how to establish a JDBC connection while authenticating through Oracle Wallet. Combine this with the power of constructing a Calendar Query and you can add very useful tools to your hat.

package mb.connection.db;

import mb.server.MBException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;

public class MBOracleWalletToolKit extends MBOracleToolKit
{
  public String getDatabaseName()
  {
    return "ORACLEWALLET";
  }
  
  public Connection getConnection(MBConnectContext mbConnectContext) throws Exception
  {
    Connection dbConnection = null;
	
    try
    {
      System.setProperty("oracle.net.tns_admin","D:/oracle/product/11.2.0/home1/NETWORK/ADMIN");
      System.setProperty("oracle.net.wallet_location","(SOURCE=(METHOD=file)(METHOD_DATA=(DIRECTORY=E:/DBConfig/wallet)))");
      Class.forName("oracle.jdbc.OracleDriver");
      dbConnection = DriverManager.getConnection("jdbc:oracle:thin:/@COM_CORP_ERP_PRD");
      dbConnection.setAutoCommit(false);
      dbConnection.setTransactionIsolation(Connection.TRANSACTION_READ_COMMITTED);
    }
    catch (SQLException e)
    {
      e.printStackTrace();
      MBException mbException = new MBException(e, "CANNOT_CONNECT", mbConnectContext.getConnectionString(), mbConnectContext.getUserName());
      mbException.setInfo("SQLERROR", String.valueOf(e.getErrorCode()));
      mbException.setInfo("SQLMESSAGE", e.getMessage());
      throw mbException;
    }
    return dbConnection;
  }
} 

Links

https://docs.oracle.com/cd/B28359_01/network.111/b28530/asowalet.htm#i1009041

https://docs.oracle.com/middleware/1213/wls/JDBCA/oraclewallet.htm#JDBCA596

3 views0 comments

Recent Posts

See All
 
  • LinkedIn
  • Twitter

©2021 by Adi Jaradat.