|Secure External Password Store - Protect database password credentials with this alternative to OS authentication.|
Mojdeh said...Thank you. Very useful. I just don't know why my first entry in tnsname file (the one that I always use to connect to database) for createCredential doesn't work.
Mel said...Very useful when you have an Oracle client, but I am trying to do the same from a web application using JDBC Thin driver and the documentation is poor!
I don't know if is necessary to open the wallet "manually" (adding some code to extract the user and password and then make a normal connection) or if is enough to put the wallet location in a properties object (like the user, password, etc. properties).
Tim... said...Dude, read the big words. Questions in the forum!
You can't use this feature with the thin driver. You have to use OCI, so you have to install an Oracle client. Once configured, you use a custom URL to connect:
Connection conn =
Vijay said...Tim Can you explain how this can be configured in hibernate
Tim... said...I have no idea. I've never used Hibernate.
triacme said...hi its very informative..u have given with coding how password is externally secured in database...........
ppskannan said...Hi Tim,
I use wallet to execute some scripts in DB. Can we configure any tools to use wallet.
It depends on the tool. If it uses an Oracle client to connect to the database, then it's possible it will be able to use a wallet.
Lazar said...Possible security issue using Oracle Wallet is that one can copy wallet folder to another machine and use it.
Tak Tang said...If you're using Windows, you can use the Oracle Wallet manager to save the wallet into the registry under DEFAULT. In SQLNet.ora, set WALLET_LOCATION=(SOURCE=(METHOD=REG)(METHOD_DATA=(KEY=DEFAULT)))
Then delete files from disk. Not heavily tested, but seems to work.
Pete said...Worth noting that if you create a local auto login wallet that it is also tied to the user that created it. So you cannot for instance create it as the oracle client owner account and then have another application owner account use it.