7 Replies Latest reply on May 4, 2006 11:32 AM by j2ee_junkie

    Password Encryption and JMX Console

    mesch02

      How do I encrypt the password for proxy settings in the JMX console? We have a need to keep proxy username and password in the JMX console but we need the password to be encrypted not plain text. How do you do this?

      Chris

        • 1. Re: Password Encryption and JMX Console
          j2ee_junkie

          Hey Chris,

          Maybe you could try this http://wiki.jboss.org/wiki/Wiki.jsp?page=EncryptingDataSourcePasswords
          Let me know if this works for you.

          chris griffith

          • 2. Re: Password Encryption and JMX Console
            mesch02

            Chris,
            Thank you for your response. However, the proxy information is not controlled by the DS. It has to be entered on the JAVA_OPTS line or in the JMX-Console. The problem is that you can do a java.lang.string get() and enter the variable to get and it returns the password for the proxy in clear text. I need to have this password at least encoded and preferably encrypted. Let me know if you have any other ideas.

            Thanks,
            Chris

            • 3. Re: Password Encryption and JMX Console
              j2ee_junkie

              I'm sorry, I guess I do not know what you mean by

              proxy settings in the JMX console


              • 4. Re: Password Encryption and JMX Console
                mesch02

                Chris,
                I can enter the proxy variables such as http.proxyUser and http.proxyPassword via the JMX-Console using the java.lang.String set() invocation. Once this is set, you can retrieve these credentials by using the java.lang.String get() method to see the information. This information is in clear text. Is there any way to make the variables entered here be encrypted?

                Thank you for your help.

                Chris

                • 5. Re: Password Encryption and JMX Console
                  j2ee_junkie

                  Chris,

                  Are you referring to using the jmx-console to set properties via the org.jboss.varia.property.SystemPropertiesService mbean?

                  If so, then maybe you could hack the jmx-console web.xml to use SSL for that one URL.

                  later, cgriffith

                  • 6. Re: Password Encryption and JMX Console
                    fauma03

                    Basically, we're using JBoss to interface with a corporate proxy server and need to include authentication information.

                    If we enter the auth info in the console then we need to secure the console in some way (and we have no JAAS domain) or we need to store that info in the file system (on java_opts for instance) in some way other than clear text.

                    We appreciate any suggestions.

                    • 7. Re: Password Encryption and JMX Console
                      j2ee_junkie

                      You should have the jmx-console secured!

                      I am assuming that you have some connection authentication fields that can be set via an mbean in the jmx-console. If that is the case, then I am again assuming that you want a way for the jmx-console to encrypt these fields when you submit them via the console. What I have suggested should work for this case. Alter the security constaints of the console so that when you submit that one request, it must be secured and encrypted (i.e. set the transport-guarantee element to ensure SSL is used by client and server.)

                      If this is not even close to what you want, then please be more specific.

                      cgriffith