What are Credential Vault in Portal

The credential vault is a repository where credentials are stored. Examples of credentials include certificates, private keys, user IDs, and passwords. WebSphere Portal provides a class called CredentialVaultService which portlets can use to store and retrieve credentials from the vault

A vault adapter is a plug-in module between the credential vault and CredentialVaultService

A vault segment is a partition of a vault. There are two types of segments: user-managed and administrator-managed. Portal administrators can create administrator-managed segments using the Credential Vault tab on the Security page of the Portal Administration place. This tab is called the Credential Vault portlet. WebSphere Portal provides a user-managed segment in the default vault.

A vault slot is part of a vault segment; it is represented using CredentialSlotConfig class.

There are two types of credentials: active and passive. Passive credentials allow a portlet to extract the credential's secret. Active credentials do not allow a portlet to extract the credential's secret.

The credential vault provided by WebSphere Portal defines four types of vault slots:

Portlet private slot Stores user credentials that are not shared among portlets. The Private Slot Portlet application demonstrates the private slot.
Shared slot Stores user credentials that are shared among the user's portlets. The Shared Slot Portlet application demonstrates the shared slot.
Administrative slot Allows each user to store a secret for an administrator-defined resource (for example, Lotus Notes). The Administrative Slot Portlet application demonstrates the administrative slot.
System slot Stores system credentials where the actual secret is shared among all users and portlets. The System Slot Portlet application demonstrates system slot.

Initializing CredentialVaultService

The CredentialVaultService is a portlet service that portlets can use to create vault slots for storing and retrieving credentials.