5-16 Oracle Fusion Middleware Integrators Guide for Oracle Business Intelligence Enterprise Edition

5.5.1.1 Example of Creating Credential Map and Credential Key

Note the following account element. account nameSecureTestname descriptionTest Secure Accountdescription adminonlyfalseadminonly credentialkeySecureTestcredentialkey credentialmaporacle.bi.actionscredentialmap account If you have this account element in your ActionFrameworkConfig.xml and the following conditions are true: ■ this account element is referenced by a registry to invoke a Web service secured using a username and password policy ■ the propagateIdentity element is set to false, then you must enter a username and password that is valid for invoking the target Web service. This should be added to a credential map called oracle.bi.actions against a credentialkey of SecureTest.

5.5.2 Creating a Default Keystore

Use the following procedure to create a default self-signed keystore. Note that creating a default keystore is suitable for demonstration or development use, but is not suitable for production use. In production, a keystore that was created by importing a valid, correctly signed certificate should be used as described in the keytool documentation. For security policies that involve signing or encryption, you must also add a certificate to the bifoundation_domain keystore. For more information about keytool and SolarisLinux, go to http:java.sun.comjavase6docstechnotestoolssolariskeytoo l.html. For information about keytool and Windows, go to http:java.sun.comjavase6docstechnotestoolswindowskeytoo l.html. 1. Confirm that your installer installed the JDK bin directory and that it displays in your path. For example, MIDDLEWARE_HOMEjdk160_11bin. 2. Open a command prompt at MIDDLEWARE_HOMEuser_ projectsdomainsbifoundation_domainconfigfmwconfig. 3. Run the following command to create a default keystore. keytool -genkeypair -keyalg RSA -alias orakey -keypass orakey_passphrase -keystore default-keystore.jks -storepass store_passphrase -validity 3600 The command creates a keystore with the name default-keystore.jks if it does not already exist and adds a new private key entry with alias orakey and password as orakey. You can change the alias, password, and storepass in the command, but they must match the OWSM credentials added to the credential store in the Section 5.5.3, Configuring Oracle Web Services Manager procedure. 4. When prompted, answer the questions. Enter responses relevant to your organization. See the example. Note that in the example, the user weblogic refers to the System Administrator user created during the install. If you chose a user other than weblogic, enter that username instead.