Category - GOLDENGATE

Encrypt Credentials using Wallet Method

Managing Identities in a Credential Store (Latest Method)
=================================================

This section shows how to use an Oracle GoldenGate credential store to maintain encrypted database passwords and user IDs and associate them with an alias. It is the alias, not the actual user ID or password, that is specified in a command or parameter file, and no user input of an encryption key is required.

Step 1=> Create Credentialstore for Goldengate

Go to ./ggsci prompt and login with dblogin userid and password

GGSCI (HOST12C2020) 2> dblogin userid ggsource password ggsource
Successfully logged into database.

GGSCI (HOST12C2020 as ggsource@NCDB) 4> add credentialstore

Credential store created.

GGSCI (HOST12C2020 as ggsource@NCDB) 5> exit
[oracle@HOST12C2020 gg_home]$ ls -lrt dircrd/*
-rw-r-----. 1 oracle oinstall 418 May 24 15:33 dircrd/cwallet.sso
[oracle@HOST12C2020 gg_home]$

Step 2=> Add userid in wallet

GGSCI (HOST12C2020 as ggsource@NCDB) 3> alter credentialstore add user ggsource alias ggalias
Password:

Credential store altered.

GGSCI (HOST12C2020 as ggsource@NCDB) 4>

GGSCI (HOST12C2020 as ggsource@NCDB) 4> exit
[oracle@HOST12C2020 gg_home]$ ls -lrt dircrd/*
-rw-r-----. 1 oracle oinstall 603 May 24 15:35 dircrd/cwallet.sso

Step 3=> Test if Login is working

Exit from GGSCI prompt ad execute as below

[oracle@HOST12C2020 gg_home]$ ./ggsci

GGSCI (HOST12C2020) 1> dblogin useridalias ggalias
Successfully logged into database.

GGSCI (HOST12C2020 as ggsource@NCDB) 2> info all

Program     Status      Group       Lag at Chkpt  Time Since Chkpt

MANAGER     RUNNING
EXTRACT     RUNNING     DPUMP1      00:00:00      00:00:00
EXTRACT     RUNNING     EXT1        00:00:00      00:00:08
REPLICAT    RUNNING     REP2        00:00:00      00:00:00

GGSCI (HOST12C2020 as ggsource@NCDB) 3> info credentialstore

Reading from credential store:

Default domain: OracleGoldenGate

  Alias: ggalias
  Userid: ggsource


Here our Testing has been completed now and its working OKay.

Now let we add this credentials in Parameter file and see what happens.

STEP 4=> (Optional) Add above alias in Parameterfile to see if any issue happens.

GGSCI (HOST12C2020) 3> view params EXT1

EXTRACT ext1
--USERID ggsource@NCDB password ggsource
USERIDALIAS ggalias
EXTTRAIL /u01/app/oracle/gg_home/dirdat/tt
TRANLOGOPTIONS EXCLUDEUSER ggsource
TABLE dbsource.*;

===>> CHECK EXTRACT GOT STOPPED  (Reason -> ERROR   OGG-00303  Oracle GoldenGate Capture for Oracle, ext1.prm:  Alias 'ggalias@NCDB' not found in credential store domain 'OracleGoldenGate'.)

GGSCI (HOST12C2020 as ggsource@NCDB) 7> STOP ext1

Sending STOP request to EXTRACT EXT1 ...
Request processed.

GGSCI (HOST12C2020 as ggsource@NCDB) 8> start EXT1

Sending START request to MANAGER ...
EXTRACT EXT1 starting

GGSCI (HOST12C2020 as ggsource@NCDB) 10> INFO ALL

Program     Status      Group       Lag at Chkpt  Time Since Chkpt

MANAGER     RUNNING
EXTRACT     RUNNING     DPUMP1      00:00:00      00:00:02
EXTRACT     STOPPED     EXT1        00:00:00      00:00:09
REPLICAT    RUNNING     REP2        00:00:00      00:00:02


STEP 5=> So as above in STEP4 our Extract got stopped ,we need to add another alias in Credentialstore with TNS entry as below

GGSCI (HOST12C2020 as ggsource@NCDB) 12> dblogin useridalias ggalias
Successfully logged into database.

GGSCI (HOST12C2020 as ggsource@NCDB) 13> alter credentialstore add user ggsource@NCDB alias ggncdb
Password:

Credential store altered.

GGSCI (HOST12C2020 as ggsource@NCDB) 17> info credentialstore

Reading from credential store:

Default domain: OracleGoldenGate

  Alias: ggalias
  Userid: ggsource

  Alias: ggncdb
  Userid: ggsource@NCDB


StEP 6=> Add new alias in Extract,Pump parameter file as below and start Stop process. Run smooth now.

GGSCI (HOST12C2020) 3> view params EXT1

EXTRACT ext1
--USERID ggsource@NCDB password ggsource
USERIDALIAS ggncdb
EXTTRAIL /u01/app/oracle/gg_home/dirdat/tt
TRANLOGOPTIONS EXCLUDEUSER ggsource
TABLE dbsource.*;

GGSCI (HOST12C2020) 4> view params DPUMP1

EXTRACT dpump1
USERIDALIAS ggncdb
--USERID ggsource@NCDB, PASSWORD ggsource
RMTHOST HOST12C2021, MGRPORT 7809
RMTTRAIL /u01/app/oracle/gg_home/dirdat/uu
TABLE dbsource.*;

GGSCI (HOST12C2020) 5> view params REP2

REPLICAT rep2
ASSUMETARGETDEFS
USERIDALIAS ggncdb
--USERID ggsource@NCDB  PASSWORD ggsource
REPERROR(1403,IGNORE)
DDL INCLUDE ALL
DDLERROR DEFAULT IGNORE
MAP dbtarget.*,TARGET dbsource.*;


GGSCI (HOST12C2020) 6> info all

Program     Status      Group       Lag at Chkpt  Time Since Chkpt

MANAGER     RUNNING
EXTRACT     RUNNING     DPUMP1      00:00:00      00:00:09
EXTRACT     RUNNING     EXT1        00:00:00      00:00:05
REPLICAT    RUNNING     REP2        00:00:00      00:00:00

GGSCI (HOST12C2020) 7>

Bonus
-----
Other Operations with Credentialstore are as below

=> Use the DELETE CREDENTIALSTORE command to remove a credential store from the system. The credential store wallet and its contents are permanently deleted.
=> * Changes the password of the specified user * alter credentialstore replace user ggsource password ggsource1 alias ggalias *You cannot change the alias or domain of a user with this option
=> * DELETE USER userid * Removes the credential for the specified user from the credential store.


*******SO OUR PRACTICE COMPLETED NOW***CHEERS !!!