2 Replies Latest reply on Oct 21, 2015 6:02 AM by mayerw01

    How to disable application-managed-security in jboss 6.2 ?

    vaibhav228
    vaibhav228 Oct 21, 2015 5:25 AM

      We are migrating from JBoss 5.1 to JBoss EAP 6.2.

       

      In 5.1, for creating and authenticating DB, we have used <security-domain> in db2-ds.xml and <security-domain> is in the login-config.xml.

      Also <application-managed-security> tag is not set, So it is not application-managed-security, but while getting connection from Datasource we have used -

       

      Connection conn = ds.getConnection("DB_USER","DB_USER");

       

      In 5.1 this code works fine and takes the username and password from login-config.xml only, even we have overridden the username, password in the code.

       

      In 6.2 I have mentioned the security-domain in the standalone.xml, it gets the username and password properly, but when it comes to above code line, it overrides the username & password.

      which results in failure of getting connection as username & password are not correct.

       

      If I use only

      Connection conn = ds.getConnection();

      It works properly.

       

      I don't want to change the code, as same base module is used by different project. But How can I disable the application-managed-security in 6.2 ? Is it by default enabled ?

       

      I referred the docs , they say application-managed-security is not supported in EAP 6.2. How to not consider the overridden username & password ?