Version 1
Created by eduardolmedeiros on Jul 1, 2014 10:00 AM. Last modified by eduardolmedeiros on Jul 1, 2014 10:00 AM.

    Nesse post ensinarei como configurar um datasource com senha criptografada no JBoss 4.3 EAP.

     

     

    Dados utilizados no exemplo.

     

    Diretório de instalação do JBoss: /opt/middle/jboss-eap-4.3/jboss-as

    Instancia: JB01

    Senha do banco de dados: password

    JNDI do datasource: ExampleDS

    Application Policy: EncryptExampleDS

     

    1) Exportando as variáveis de ambiente.

     

     

    export JBOSS_HOME=/app/jboss/jboss-4.3.0.GA_CP10/jboss-as
export JBOSS_INSTANCE=JB01
export DS_PASS=password

     

    2) Gerando senha criptografada.

     

     

    # java -cp $JBOSS_HOME/lib/jboss-common.jar:$JBOSS_HOME/lib/jboss-jmx.jar:$JBOSS_HOME/server/$JBOSS_INSTANCE/lib/jbosssx.jar:$JBOSS_HOME/server/$JBOSS_INSTANCE/lib/jboss-jca.jar org.jboss.resource.security.SecureIdentityLoginModule $DS_PASS

     

    Resultado esperado:

     

    # java -cp $JBOSS_HOME/lib/jboss-common.jar:$JBOSS_HOME/lib/jboss-jmx.jar:$JBOSS_HOME/server/$JBOSS_INSTANCE/lib/jbosssx.jar:$JBOSS_HOME/server/$JBOSS_INSTANCE/lib/jboss-jca.jar org.jboss.resource.security.SecureIdentityLoginModule $DS_PASS
Encoded password: 5dfc52b51bd35553df8592078de921bc

     

    3) Criando Application Policy.

     

    Insira o usuário e password criptografado.

     

    Arquivo: login-config.xml

     

     

    <policy>
    <application-policy name="EncryptExampleDS">
        <authentication>
            <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
                <module-option name="username">oracle</module-option>
                <module-option name="password">5dfc52b51bd35553df8592078de921bc</module-option>
                <!-- Use this managedConnectionFactoryName for non-XA datasource -->
                <module-option name="managedConnectionFactoryName">jboss.jca:name=ExampleDS,service=LocalTxCM</module-option>               
                <!-- Use this managedConnectionFactoryName for XA datasource -->
                <!-- <module-option name="managedConnectionFactoryName">jboss.jca:name=ExampleDS,service=XATxCM</module-option> -->
            </login-module>
        </authentication>
    </application-policy>
</policy>

     

    Datasource:

     

    Arquivo: oracleds.xml

     

    <?xml version="1.0" encoding="UTF-8"?>
<datasources>
   <local-tx-datasource>
      <jndi-name>ExampleDS</jndi-name>
      <connection-url>jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=10.0.0.1)(PORT=1521))(CONNECT_DATA=(SID=ORACLEDB)))</connection-url>
      <driver-class>oracle.jdbc.OracleDriver</driver-class>
      <security-domain>EncryptExampleDS</security-domain>
      <min-pool-size>5</min-pool-size>
      <max-pool-size>40</max-pool-size>
      <idle-timeout-minutes>1</idle-timeout-minutes>
   </local-tx-datasource>
</datasources>

     

    Repare que o datasource acima, não contem as tags de username e password.

    Existe apenas um Security Domain apontando para o Application Policy criado no passo anterior.

     

     

    4) Faca um restart do JBoss e valide o Datasource.

     

     

    Abraços.