Password Indirection For ContextScanningResourceProvider
(Doc ID 987857.1)
Last updated on JULY 03, 2020
Applies to:Oracle Containers for J2EE - Version 10.1.3.0.0 and later
Information in this document applies to any platform.
Currently the password property of com.evermind.server.deployment.ContextScanningResourceProvider, can only use a plain text password field for authentication with the backend, it is not possible to use password indirection. For example:
Basic security standards require all passwords to be never stored in plain text.
Password indirection allows the resource to look up the encrypted password that is needed for the authentication with the external resource via OC4J's standard password indirection functionality -- would therefore be easy to maintain and use. With this setup, no plain text password need to be used in configuration setup.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document