8 Replies Latest reply on Mar 20, 2013 4:16 AM by Chao Wang

    JBoss7 security-domain example with SecureIdentityLoginModule?

    Michael Echevarria Newbie

      Does anyone have a working example of <security-domain> working in JBoss7 while using the SecureIdentityLoginModule class to encrypt a database password?  I tried modifying a working login-config.xml configuration from previous JBoss 5 and it's not working.  I keep getting this at startup

       

      Unauthenticated caller:null: java.lang.SecurityException: Unauthenticated caller:null
      

       

      I know the configuration is very different in JBoss7 so I'm sure I have a minor error somewhere since my configuration worked all the way through the 4 and 5 series.

       

      I got a simple script to encrypt the pass from the bin directory (i.e. ./encryptPass.sh myPassword1)

       

      #!/bin/bash
      ## Build ClassPath for command
      CP=
      CP=${CP}:../modules/org/picketbox/main/picketbox-4.0.0.CR1.jar
      CP=${CP}:../modules/org/jboss/logging/main/jboss-logging-3.0.0.GA.jar
      
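      ## Quote the arguments so a password containing spaces or shell metacharacters is passed intact
      java -classpath "${CP}" org.jboss.resource.security.SecureIdentityLoginModule "$1"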
      

       

      In my standalone.xml I have the datasource and security domain defined like this

      <datasources>
        <datasource jndi-name="java:/oraclePool" pool-name="oraclePool" enabled="true" jta="true" use-java-context="true" use-ccm="true">
          <connection-url>jdbc:oracle:thin:@myurl:1521:mydb1</connection-url>
          <driver>com.oracle</driver>
          <pool>
            <min-pool-size>1</min-pool-size>
            <max-pool-size>200</max-pool-size>
            <prefill>true</prefill>
            <use-strict-min>false</use-strict-min>
            <flush-strategy>FailingConnectionOnly</flush-strategy>
          </pool>
          <security>
            <security-domain>encrypt</security-domain>
      
            <!-- works if I comment out security domain and uncomment plain user and pass
            <user-name>user</user-name>
            <password>password 1</password>
            -->
          </security>
          <statement>
            <track-statements>true</track-statements>
          </statement>
          <timeout>
            <blocking-timeout-millis>10000</blocking-timeout-millis>
            <idle-timeout-minutes>1</idle-timeout-minutes>
          </timeout>
          <validation>
            <exception-sorter class-name="org.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter"></exception-sorter>
          </validation>
        </datasource>
        <drivers>
          <driver name="com.oracle" module="com.oracle">
            <xa-datasource-class>oracle.jdbc.xa.client.OracleXADataSource</xa-datasource-class>
          </driver>
        </drivers>
      </datasources>
      
      <security-domain name="encrypt" cache-type="default">
        <authentication>
          <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
            <module-option name="username" value="user"/>
            <module-option name="password" value="388e8c68175fb02a4cce526e76882803"/>
            <module-option name="managedConnectionFactoryName" value="jboss.jca:service=LocalTxCM,name=oraclePool"/>
          </login-module>
        </authentication>
      </security-domain>
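
Added example, not part of the original post and not JBoss or PicketBox code: a small check that the class named in each login-module code attribute is actually present in the jars being used, which is one thing worth ruling out when a login-config.xml is carried over from an older release. The sample fragment, the in-memory jar and the example.security package are constructed for illustration, and treating a value without a package as a short alias is an assumption.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# Constructed, well-formed fragment modelled on the security-domain in the post.
SAMPLE_DOMAIN = """
<security-domain name="encrypt" cache-type="default">
  <authentication>
    <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
      <module-option name="username" value="user"/>
    </login-module>
  </authentication>
</security-domain>
"""

def login_module_codes(domain_xml):
    """Return the code= value of every <login-module> (namespace-agnostic)."""
    root = ET.fromstring(domain_xml)
    return [el.get("code") for el in root.iter()
            if el.tag.rsplit("}", 1)[-1] == "login-module"]

def classes_in_jar(jar, simple_name):
    """Fully-qualified names of classes in the jar with this simple name."""
    suffix = "/" + simple_name + ".class"
    with zipfile.ZipFile(jar) as zf:
        return sorted(n[:-len(".class")].replace("/", ".")
                      for n in zf.namelist() if n.endswith(suffix))

def check_domain(domain_xml, jars):
    """Map each fully-qualified code to (present, same-named classes found)."""
    report = {}
    for code in login_module_codes(domain_xml):
        if "." not in code:  # assumption: a dotless value is a short alias
            continue
        found = []
        for jar in jars:
            found += classes_in_jar(jar, code.rsplit(".", 1)[-1])
        report[code] = (code in found, found)
    return report

def make_jar(entries):
    """Build an in-memory jar of empty entries (constructed test input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in entries:
            zf.writestr(name, b"")
    return buf

if __name__ == "__main__":
    # Hypothetical package name, used only to show a mismatch being reported.
    jar = make_jar(["example/security/SecureIdentityLoginModule.class"])
    print(check_domain(SAMPLE_DOMAIN, [jar]))
```

Against a real installation, pass the paths of the jars on the script's classpath instead of the in-memory jar; a False result with a non-empty candidate list means a class of that name exists under a different package.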