Skip to main content link. Accesskey S
  • Overview ▾ Show Menu▼
  • IBM
  • Connections Developers
  • Home
  • Dev Guide
  • API Docs
  • SDK
  • Community
Search
SDK > SDK docs > Configuring credential stores (token store)
  • Share Show Menu▼
  • Subscribe Show Menu▼

About the Original Author

Click to view profileIBM contributorIBM
Contribution Summary:
  • Articles authored: 823
  • Articles edited: 758
  • Comments Posted: 0

Recent articles by this author

Removing multiple members
To delete multiple members from an activity with one API request, send an Atom feed as part of a delete request to the activity ACL.

Adding multiple members
To add multiple members to an activity with one API request, send an Atom feed document containing entries of the new members to be added to the activity ACL.

Moving Nodes Under Different Activities or Nodes
To move an activity node to another activity node, use an HTTP POST request.

Moving fields between nodes
To move a field to another activity node, use an HTTP PUT request.

IBM Connections Event Reference - Files
Files Events Event data is provided using the following conventions. Refer to the EventSPIic50Event SPI for details about these event data objects, how to retrieve them from the event object, and how to get additional information from these objects themselves. The event can be shared ...
Configuring credential stores (token store)
Added by IBM contributorIBM | Edited by IBM contributorManish Kataria on August 1, 2013 | Version 32
  • Edit
  • More Actions Show Menu▼
Rate this article 1 starsRate this article 2 starsRate this article 3 starsRate this article 4 starsRate this article 5 stars
expanded Abstract
collapsed Abstract
No abstract provided.
Parent topic: Connecting to other systems

SDK uses Credential Store (aka Token Store), to persist information related to a particular endpoint's security like Access token in case of OAuth endpoint.
Credential store comes into play when SDK tries to issue a network call to an authenticated resource. For executing this request successfully network layer of SDK checks for presence of security tokens in configured credential store for specific user. In case these tokens are missing SDK initiates authentication process depending on authentication type supported by endpoint. If authentication is successful, the security tokens are persisted in credential store for subsequent requests.

Currently following types of credential store are supported by SDK

Memory Credential Store : Saves all the details related to endpoint and authentication related token in memory. Since all the information is persisted in memory, information is lost when SDK (web application) is shutdown or restarted. It is simpler to configure and is recommended in case you are getting started with using SDK. Below is the definition of memory credential store and its usage in an endpoint.

1. Defining the bean for declaring the credential store
<managed-bean>
	<managed-bean-name>SampleCredMemoryStore</managed-bean-name>
	<managed-bean-class>com.ibm.sbt.security.credential.store.MemoryStore</managed-bean-class>
	<managed-bean-scope>application</managed-bean-scope>
</managed-bean>


2. Use the defined credential store in the endpoint definition
<managed-bean>
	<managed-bean-name>connections</managed-bean-name>
	....
	....
	<managed-property>
		<property-name>credentialStore</property-name>
		<value>SampleCredMemoryStore</value>
	</managed-property>
<managed-bean-name>

DB Credential Store : Saves all the details related to endpoint and authentication related token in a configured database. Details of database could be provided through JNDI.
Below is the definition of DB Credential store and its usage in an endpoint.

1. Defining the bean for declaring the credential store
<managed-bean>
	<managed-bean-name>SampleCredDBStore</managed-bean-name>
	<managed-bean-class>com.ibm.sbt.security.credential.store.DBCredentialStore</managed-bean-class>
	<managed-property> 
		<property-name>jndiName</property-name> 
		<value>jdbc/ibmsbt-dbtokenstore</value> 
	</managed-property>
	<managed-property> 
		<property-name>tableName</property-name> 
		<value>SBTKREP</value> 
	</managed-property>
	<managed-bean-scope>application</managed-bean-scope>
</managed-bean>


2. Use the defined credential store in the endpoint definition
<managed-bean>
	<managed-bean-name>connections</managed-bean-name>
	....
	....
	<managed-property>
		<property-name>credentialStore</property-name>
		<value>SampleCredDBStore</value>
	</managed-property>
<managed-bean-name>


For setting up credential store you can refer to the CreateTable.sql (\src\dbscripts) file shipped along with SDK. For SDK to use DB Credential store, application server level security should be enabled for consuming web application. This is to enable SDK to uniquely identify the user for which security tokens are to be persisted.

Reference : To configure a datasource using JNDI on Tomcat kindly refer to this link JNDI Datasource HOW-TO
For WebSphere kindly refer to this link : Configuring a JDBC provider and data source

  • Edit
  • More Actions Show Menu▼


expanded Attachments (0)
collapsed Attachments (0)
Edit the article to add or modify attachments.
expanded Versions (1)
collapsed Versions (1)
Version Comparison     
VersionDateChanged by              Summary of changes
This version (32)Aug 1, 2013, 5:11:54 AMManish Kataria  IBM contributor
expanded Comments (0)
collapsed Comments (0)
Copy and paste this wiki markup to link to this article from another article in this wiki.
Go ElsewhereStay ConnectedHelpAbout
  • IBM Collaboration Solutions wikis
  • IBM developerWorks
  • IBM Software support
  • Twitter LinkIBMCnxDev on Twitter
  • ForumsIBMCnxDev on Stack Overflow
  • FacebookIBMSocialBizUX on Facebook
  • ForumsIBM Collaboration Solutions product forums
  • Community LinkThe Social Lounge
  • Wiki Help
  • Forgot user name/password
  • Wiki design feedback
  • Content feedback
  • About the wiki
  • About IBM
  • Privacy
  • Accessibility
  • IBM Terms of use
  • Wiki terms of use