Credential Vault

 

+
Search Tips   |   Advanced Search

 

 

Credential Vault

The Credential Vault is a portlet service that helps portlets and portal users manage multiple identities. The Credential Vault stores credentials that allow portlets to log in to applications outside the portal realm on behalf of the user.

There are two kinds of Credentials;

Active Credentials Establish connections via...

Passive Credentials Retrieve stored secret data such as, but not limited to...

Certain credential objects can also be used to pass single sign-on tokens for...

...to the backend application in the header.

IBM WebSphere Portal provides one database vault implementation which contains...

administrator-managed vault segment Do not allow users to add new applications to the vault. Allow users to update mappings.
user-managed vault segment Allow users to add application definitions, such as a POP3 mail account, under the user vault and store a mapping there.

By default, the vault uses an encryption plugin that encodes the passwords in Base 64. WebSphere Portal initially provides two vault adapter configurations that write to the portal database:

We can plug in additional administrator-managed vaults by writing a custom vault adapter. Only an administrator can manage plugged-in vaults.

  1. Add the Vault Adapter Implementations to the Credential Vault Service, as described in Setting configuration properties.

  2. Restart WebSphere Portal.

  3. Use the Credential Vault portlet or the XML Configuration to add a Vault Segment to the vault.

WebSphere Portal also supports the storage and retrieval of credentials from other vault services, such as TAM. WebSphere Portal ships a Credential Vault adapter for TAM. This plugin works on AIX, Solaris, and Windows.

 

Related information

 

Parent topic:

Single sign-on