Brief: What is Oracle Wallet? Oracle Headquarters Redwood Shores1

Brief: What is Oracle Wallet?

March 28, 2022 Database No Comments

An Oracle Wallet is an encrypted file that contains database credentials – username and password – for connecting to an Oracle Database. This avoids writing hard code user passwords in a shell script or in an application database configuration file. A wallet can also contain certificates – for example for conduct secure HTTP (aka HTTPS) conversations.

Use of a wallet for managing database credentials will enhance your security and management of user passwords as now you will only update passwords in your wallet and have no need to share user passwords with the application teams. The wallet should be the only place where a database password is stored. The location of the wallet is configured in the sqlnet.ora file.

Through the use of the Oracle TNS (Transparent Network Substrate) administrative file to hide the details of the database connection string (host name, port number, and service name) we further reduce the spread of configuration details- and allow clients instead to use only an alias to indicate the database they want to connect to. The wallet contains a username & password combination for a TNS alias and the tnsnames.ora file provides the database connection string details for that alias. A client that wants to create a database connection refers to that alias. The database client library combines the details from tnsnames.ora with those from the wallet in order establish the connection.

Note: Using a wallet doesn’t prevent people from accessing to the database. Anyone having access to the wallet can use the stored credentials through an Oracle Database client library without needing a password. A script needs to run on the server with the wallet and under the user that created the wallet in order to use it for accessing the database. However the passwords are stored in an encrypted way and cannot be read.

Resources

Use a wallet to encrypt Oracle client passwords by Nicolas Jardot- https://blog.dbi-services.com/use-a-wallet-to-encrypt-oracle-client-passwords/

DBsGuru – Oracle Wallet Usage – External Passwords Store   – https://dbsguru.com/oracle-wallet-usage-external-passwords-store/ 

Oracle Database 19c Docs – Using Oracle Wallet Manager – https://docs.oracle.com/en/database/oracle/oracle-database/19/dbimi/using-oracle-wallet-manager.html#GUID-D0AA8373-B0AC-4DD8-9FA9-403E345E5A71 

Using Oracle Wallet for certificates use for HTTPS conversations – https://oracle-base.com/articles/misc/utl_http-and-ssl#create-a-wallet

Related Posts

Tags:, ,

About The Author

Lucas Jellema

Lucas Jellema, active in IT (and with Oracle) since 1994. Oracle ACE Director and Oracle Developer Champion. Solution architect and developer on diverse areas including SQL, JavaScript, Kubernetes & Docker, Machine Learning, Java, SOA and microservices, events in various shapes and forms and many other things. Author of the Oracle Press book Oracle SOA Suite 12c Handbook. Frequent presenter on user groups and community events and conferences such as JavaOne, Oracle Code, CodeOne, NLJUG JFall and Oracle OpenWorld.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.