-
1. Re: Passwords are getting logged in log file through datasource configuration when jboss logging is in debug level
jaikiran Apr 3, 2012 4:49 AM (in response to rahul.pani)Which version of JBoss AS?
-
2. Re: Passwords are getting logged in log file through datasource configuration when jboss logging is in debug level
rahul.pani Apr 3, 2012 5:02 AM (in response to jaikiran)Version is JBoss 5.1.0.GA
-
3. Re: Passwords are getting logged in log file through datasource configuration when jboss logging is in debug level
jaikiran Apr 3, 2012 5:07 AM (in response to rahul.pani)One possible workaround would be to use encrypted datasource passwords https://community.jboss.org/wiki/EncryptingDataSourcePasswords
-
4. Re: Passwords are getting logged in log file through datasource configuration when jboss logging is in debug level
rahul.pani Apr 3, 2012 5:56 AM (in response to jaikiran)It will be helpful in adding the encypted password. But internally it will be getting decrypted and is getting logged in debug. I saw snipped of the code
value = StringPropertyReplacer.replaceProperties(value);
log.debug("setting property: " + name + " to value " + value);
And this value only its using. So i guess this must be the decrypted value.
-
5. Re: Passwords are getting logged in log file through datasource configuration when jboss logging is in debug level
jaikiran Apr 3, 2012 6:06 AM (in response to rahul.pani)Rahul Singh wrote:
It will be helpful in adding the encypted password. But internally it will be getting decrypted and is getting logged in debug.
No it won't get decrypted - it's a one way hash. Did you try the approach mentioned in that article?
-
6. Re: Passwords are getting logged in log file through datasource configuration when jboss logging is in debug level
rahul.pani Apr 3, 2012 6:19 AM (in response to jaikiran)I added
<depends>jboss.jca:name=PostgresDS,service=XATxCM</depends>
<security-domain>EncryptXADBPassword</security-domain>
instead of
<xa-datasource-property name="User">$username}</xa-datasource-property>
<xa-datasource-property name="Password">${password}</xa-datasource-property>
and added in login-config.xml
<application-policy name="EncryptXADBPassword">
<authentication>
<login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
<module-option name="username">${username}</module-option>
<module-option name="password">6f8e652f571678f2</module-option>
<module-option name="managedConnectionFactoryName">jboss.jca:name=PostgresDS,service=XATxCM</module-option>
</login-module>
</authentication>
</application-policy>
But it did not start properly logged deployment failures. It might be related to my settings but if you say so that it should i will try again. Thanks
-
7. Re: Passwords are getting logged in log file through datasource configuration when jboss logging is in debug level
jaikiran Apr 3, 2012 6:20 AM (in response to rahul.pani)Rahul Singh wrote:
But it did not start properly logged deployment failures.
You'll have to check why the deployment fails.
-
8. Re: Passwords are getting logged in log file through datasource configuration when jboss logging is in debug level
rahul.pani Apr 3, 2012 6:55 AM (in response to jaikiran)I am getting following exception
2012-04-03 16:18:22,289 ERROR [org.jboss.resource.security.AbstractPasswordCredentialLoginModule] [main] The ConnectionManager mbean: jboss.jca:name=RuntimeLibDS,service=XATxCM specified in a ConfiguredIdentityLoginModule could not be found. ConnectionFactory will be unusable!
javax.management.InstanceNotFoundException: jboss.jca:name=RuntimeLibDS,service=XATxCM is not registered.
at org.jboss.mx.server.registry.BasicMBeanRegistry.get(BasicMBeanRegistry.java:526)
at org.jboss.mx.server.MBeanServerImpl.getAttribute(MBeanServerImpl.java:559)
at org.jboss.resource.security.AbstractPasswordCredentialLoginModule.getMcf(AbstractPasswordCredentialLoginModule.java:118)
-
9. Re: Passwords are getting logged in log file through datasource configuration when jboss logging is in debug level
rahul.pani Apr 3, 2012 7:04 AM (in response to rahul.pani)Thanks a lot the problem is resolved the exception came because of configuration problem