-
1. Re: Secure password with Hashicorp Vault
dlofthouse May 9, 2018 6:21 AM (in response to fredrik.jonsson)1 of 1 people found this helpfulAs of WildFly 11 we support a new CredentialStore API/SPI - the following blog shows some information as to how this is used: -
Under The Elytron: Basics of Credential Store in WildFly (11.0.0.Beta1 Nightly)
For the problem you are trying to solve it sounds like someone would need to implement a custom Credential Store implementation that can integrate with the HashiCorp Vault you are trying to use.
-
2. Re: Secure password with Hashicorp Vault
boeroboy Mar 27, 2019 9:58 AM (in response to fredrik.jonsson)Hi I know this is really late to the party but for future searchers, Vault's REST API is documented and there are are Java wrappers as well. Full disclosure I work at Hashicorp so I'm just filling this in for future reference.
https://www.vaultproject.io/api/Language-specific wrappers:
https://www.vaultproject.io/api/libraries.html
Also I've written FUSE filesystem clients such that you can read secrets from Vault just as you can read files anywhere.As for secure introduction, you can authenticate via a few options including JWT, K8s service account, Cloud service account, LDAP, and more. That can be viewed here:
https://www.vaultproject.io/docs/auth/
Or you can store an auth token in the WildFly credential store as described earlier.
Thanks!
John