Security is always a big deal. In setting up Oracle GoldenGate the capture (extract) and apply (replicat) parameter files need to be configured to log in to the database which they will perform operations. In order to do this the Oracle GoldenGate User name and password need to be provided in the parameter files. Example 1 shows how the database login is traditionally done in a extract or replicat parameter file.
Example 1:
--Oracle Login USERID ggate, PASSWORD ggate
To make this process login information more secure, we can create a userid alias that the extract or replicat process can use to log into the database. In order to create a login alias, a credential store needs to be create. Below are the steps to create the credential store and associated aliases.
After logging into the GoldenGate Service Command Interface (GGSCI), a credential store needs to be created. By default the credential store will be kept in the “dircrd” directory undert the $OGG_HOME.
Create the credential store:
GGSCI (db12cgg.acme.com) 1> add credentialstore Credential store created in ./dircrd/.
With the credential store created, now an alias can be created for the gguser.
GGSCI (db12cgg.acme.com) 2> alter credentialstore add user ggate, password ggate alias aggate Credential store in ./dircrd/ altered.
The extract or replicat parameter files need to be updated to use the new alias. Once the update is done the associated process needs to be restarted.
--Oracle Login USERIDALIAS aggate
After restarting the process, the Oracle GoldenGate login is secure.
Note: If the password for the Oracle GoldenGate User changes, the alias in the credential store will need to be updated.
Enjoy!
about.me: http://about.me/dbasolved
Please follow and like:
Bobby Curtis
I’m Bobby Curtis and I’m just your normal average guy who has been working in the technology field for awhile (started when I was 18 with the US Army). The goal of this blog has changed a bit over the years. Initially, it was a general blog where I wrote thoughts down. Then it changed to focus on the Oracle Database, Oracle Enterprise Manager, and eventually Oracle GoldenGate.
If you want to follow me on a more timely manner, I can be followed on twitter at @dbasolved or on LinkedIn under “Bobby Curtis MBA”.
Follow if you like:
Thanks for sharing. I read many of your blog posts, cool, your blog is very good.
I don’t think the title of your article matches the content lol. Just kidding, mainly because I had some doubts after reading the article.
My brother recommended I may like this web site. He was once entirely right. This submit truly made my day. You cann’t believe just how so much time I had spent for this info! Thanks!
Spot on with this write-up, I absolutely believe that this website needs a great deal more attention. I’ll probably be returning to see more, thanks for the advice!
at web, except I know I am getting familiarity all the time by reading thes pleasant posts.|Fantastic post. I will also be handling some of these problems.|Hello, I think this is a great blog. I happened onto it;) I have bookmarked it and will check it out again. The best way to change is via wealth and independence. May you prosper and never stop mentoring others.|I was overjoyed to find this website. I must express my gratitude for your time because this was an amazing read! I thoroughly enjoyed reading it, and I’ve bookmarked your blog so I can check out fresh content in the future.|Hi there! If I shared your blog with my Facebook group, would that be okay? I believe there are a lot of people who would truly value your article.|منشور رائع. سأتعامل مع بعض هذه|
Hey there, I think your blog might be having browser compatibility issues. When I look at your blog in Chrome, it looks fine but when opening in Internet Explorer, it has some overlapping. I just wanted to give you a quick heads up! Other then that, wonderful blog!