1 Reply Latest reply on Sep 21, 2012 12:12 AM by Travis Koch

    Encrypting ldap bindCredential in AS7

    Alexander Varakin Newbie

      I am trying to setup LdapExtLoginModule to use encrypted LDAP password in EAP 6 which is based on 7.1.2.

      So far this is what I did:

       

      Added this to standalone.xml:

       

      <module-option name="jaasSecurityDomain" value="jboss.security:service=JaasSecurityDomain,domain=jmx-console"/>

       

      Created jboss-service.xml and placed into deployment directory:

       

      <server>

      <mbean code="org.jboss.security.plugins.JaasSecurityDomain"

            name="jboss.security:service=JaasSecurityDomain,domain=jmx-console">

            <constructor>

               <arg type="java.lang.String" value="jmx-console"></arg>

            </constructor>

            <attribute name="KeyStorePass">server</attribute>

            <attribute name="Salt">server</attribute>

            <attribute name="IterationCount">66</attribute>

         </mbean>

      </server>

       

       

      JBoss immediately picked up jboss-service.xml but complained that org.jboss.security.plugins.JaasSecurityDomain does not exist.

      After some googling I found that jbosssx.jar is not included in AS7 and is replaced by picketbox.

       

      I was able to configure DataSource passwords using picketbox, should I follow this same approach with LDAP passwords? If so, how do I do it? It seems that LDAP assumes that we will use JaaSecurityDomain.

       

      Thanks!