I have used Jboss eap 5.2.yes it is bit old version and
current version is 7.1.0.
First you have to create a
datasource.
1.
Run the JBoss eap server and get JBoss EAP Admin
Console
2.
Navigate to the Datasource type to be added,
under Resources → Datasources→ Local Tx
Datasources
3.
Click Add a new resource.
4.
Select the resource template from the drop-down
box, and click Continue (I used default (Local Tx Datasource)).
5.
Enter required parameters of JNDI Name, JDBC
Driver Class and Connection URL.
6.
Click Save. The datasource is available.
7.
check the connection with JBoss EAP Admin console,
select datasource →Control → Test Connection(It should be success without and
exception on server log or console)
The procedure will create a <db>-ds.xml file in your JBOSS_HOME/server/<Profile>/deploy. The
data source’s configuration is as following.
<datasources>
<local-tx-datasource>
<!-- MS SQL
Configuration -->
<!--Start-->
<jndi-name>ussd</jndi-name>
<exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.MySQLExceptionSorter</exception-sorter-class-name>
<use-java-context>false</use-java-context>
<connection-url>jdbc:sqlserver://
127.0.0.1:5432;databaseName=USSDTEST</connection-url>
<driver-class>com.microsoft.sqlserver.jdbc.SQLServerDriver</driver-class>
<user-name>sa</user-name>
<password>abc@123</password>
<!--End-->
</local-tx-datasource>
</datasources>
Then I’m going to encrypt the database password. You have to set
security-domain for this purpose.
1.
Encrypt the data source password.
a.
Change directory to the jboss-as directory and
get command prompt
b.
Run following command .abc@123 database password
(java -cp
client\jboss-logging-spi.jar;lib\jbosssx.jar
org.jboss.resource.security.SecureIdentityLoginModule abc@123
It will give Encoded password:
-448c91357056c19d)
2.
Create an application authentication policy with
the encrypted password.
a.
Open to JBOSS_HOME/server/<Profile>/conf/login-config.xml
b.
You have to add application-policy in the
policy tag as follows
<policy>
...
<!-- Example usage of the SecureIdentityLoginModule -->
<application-policy name="EncryptDBPassword">
<authentication>
<login-module
code="org.jboss.resource.security.SecureIdentityLoginModule"
flag="required">
<module-option
name="username">sa</module-option>
<module-option
name="password">-448c91357056c19d </module-option>
<module-option
name="managedConnectionFactoryName">jboss.jca:name= ussd,service=LocalTxCM</module-option>
</login-module>
</authentication>
</application-policy>
</policy>
3.
Configure the data source to use the application
authentication policy.Here you should remove user-name and password and add <security-domain>EncryptDBPassword</security-domain>
<datasources>
<local-tx-datasource>
<!-- MS SQL Configuration -->
<!--Start-->
<jndi-name>ussd</jndi-name>
<exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.MySQLExceptionSorter</exception-sorter-class-name>
<use-java-context>false</use-java-context>
<connection-url>jdbc:sqlserver://
127.0.0.1:5432;databaseName=USSDTEST</connection-url>
<driver-class>com.microsoft.sqlserver.jdbc.SQLServerDriver</driver-class>
<!--<user-name>sa</user-name>-->
<!--<password>
</password>-->
<security-domain>EncryptDBPassword</security-domain>
<!--End-->
</local-tx-datasource>
</datasources>
4.
check the connection with JBoss EAP Admin console,
select datasource→Control → Test Connection(It should be success without and
exception on server log or console)
Refer: -https://access.redhat.com/documentation/en-us/jboss_enterprise_application_platform/5/html/admin_console_user_guide/admin_console_user_guide-resources-datasources
https://access.redhat.com/documentation/en-us/jboss_enterprise_application_platform/5/html/security_guide/encrypting_data_source_passwords
No comments:
Post a Comment