I am using JBoss AS 5.1 + Ejb3 and Web services.
JBoss servers comunicate with eachother via web services, and act both as server an client.
I have server side set up with configured JaasSecurityDomain, but I have kind of issue with client side.
I have secure transport set up as described in http://community.jboss.org/wiki/JBossWS-SecureTransport#Client_side
But, I don't like my passwords being exposed in system properties and file in clear text.Can it be avoided somehow?
One possible solution is to set propery directly from code, but I don't like that one either.
Can passwords be stored elsewhere but in system properties? As I have JaasSecurityDomain set up for "server" can I use somehow it when this same JBoss AS server acts as a client?