I'm not clear on what userid you talking about here. Is this something specific to HornetQ or more generally applicable to WildFly?
This is about Wildfly security. I'm referring to the user id in the management-users.properties file. It stores the user name and the hashed password. We want to keep the user name hidden as well as the password. I dont see any documented way of doing this. It does mention use of a truststore, i think as an alternative to using the properties file, could that be used to store user and password. Or perhaps could the vault be used ?
If no existing option exists, could someone point me to the code where the management-users file is handled, maybe we could custom code a solution there.
I moved this thread from the HornetQ forum to the WildFly forum since your question is about WildFly specifically and not HornetQ.
If you want to consider alternative storage options please see the following documentation on how to create your own plug-ins: -
Should point out that unless you are doing something fairly advanced and delegating this to something outside the server you are using to run WildFly then at best you are most likely to achieve obfuscation as you will most likely still end up with everything accessible to the wildfly process needed to reverse the encryption. In addition to this the username is also freely logged in both audit and debug logs.
Thanks, that looks like a possible solution but complicated.
I identified the class that reads mgmt-users.properties file to be as.domain.management.security.PropertiesFileLoader. Not sure yet where the file is created from.
Does JBoss provide a way to encrypt/decrypt files? If so, I could hook that into the PropertiesFileLoader.