All,

JBOSS Version: 4.0.5.GA

We are running several production applications on one production JBOSS AS. Each has its own datasource file. In the past, we've kept the database password in the datasource file in CLEAR TEXT. We've only recently figured out how to encrypt the database password using the documentation located here: http://community.jboss.org/wiki/encryptingdatasourcepasswords

Our problem

This solution works, but it means adding an entry to the login-config.xml for each and every application. We'd like to avoid this for server-maintenance reasons. The questions is: Is it possible to keep the username and password in the datasource file without having to make changed to the login-config.xml, while still using an encrypted password???

For example, I feel like it should be possible to do something like this:

<?xml version="1.0" encoding="UTF-8"?>
<datasources>

  <local-tx-datasource>
    <jndi-name>jdbc/facelets1DS</jndi-name>
    <connection-url>CONNECTION_STRING</connection-url>
  <driver-class>oracle.jdbc.driver.OracleDriver</driver-class>
  <user-name>user</user-name>
  <password>786ASD8A7ASD</password> <!-- ENCRYPTED PASSWORD -->
  <connection-property name="SetBigStringTryClob">true</connection-property>

<!-- SOME CODE HERE TO LET JBOSS KNOW TO DECRYPT VIA           org.jboss.resource.security.SecureIdentityLoginModule -->

  </local-tx-datasource>

</datasources>

----------------------------------------------------------------

Any suggestions?? Has anyone run up against this before??