How can my application access the keystore configured in the Weblogic admin console?

Question

How can my application access the keystore configured in the Weblogic admin console?

I would like to access the Identity Storehouse Repository (JKS) configured in the user configuration of the weblog store in my web application. How can I get weblogic to expose this without relying on the following environment properties: -Djavax.net.ssl.Keystore, -Djavax.net.ssl.KeystorePassword.

+3

weblogic keystore

Sasi May 01, '12 at 14:31

source share

1 answer

Jukka · Answer 1 · 2013-06-05T09:50:30+0000

The following code can be used as a starting point.

A few notes:

The user executing the code must belong to the group OracleSystemGroup
Keystore boots from a file system that is not recommended by the EJB specification. But I think reading the file can be done safely.
java.lang.String, .

- . WebLogic, . , .

InitialContext ic = new InitialContext();
MBeanServer server = (MBeanServer) ic.lookup("java:comp/env/jmx/runtime");

// Get access to server configuration
ObjectName runtime = new ObjectName("com.bea:Name=RuntimeService,Type=weblogic.management.mbeanservers.runtime.RuntimeServiceMBean");
ObjectName serverConfig = (ObjectName) server.getAttribute(runtime, "ServerConfiguration");

/* Load identity store location and passphrase.
 * If e.g. Demo identity has been configured (in WL console) instead of
 * custom identity then the following does not work.
 */

// Passphrase as clear text
Object keyStorePassPhrase = server.getAttribute(serverConfig, "CustomIdentityKeyStorePassPhrase");
Object keyStoreFileName = server.getAttribute(serverConfig, "CustomIdentityKeyStoreFileName");

// Load keystore
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(new FileInputStream(keyStoreFileName.toString()),
        keyStorePassPhrase.toCharArray());

How can my application access the keystore configured in the Weblogic admin console?

More articles: