2 Replies Latest reply on Nov 9, 2011 6:52 AM by jaikiran Branched from an earlier discussion.

    Securing password for datasources in AS7

    borgeh

      I have a similar problem.

      We needed of a datasource defined in standalone.xml

       

      We did not want the username/password to the production database stored in standalone.xml, and our first try was to pass it in as a system property. It worked, but then the username/password was logged to our boot.log.

       

      Our next try was to add the username/password to a property file.

      We addeda "-Pdatasource.properties" to the call of standalone.sh

      It worked, and username/password was not logget to our boot.log anymore.

       

      But now we got a new problem!!

       

      For some reason JBoss7 writes the standalone.xml back to disk, and resolves the properties stored in datasource.properties to standalone.xml.

       

      datasource.properties

      datasource.username=myuser

      datasource.password=mypassword

       

      standalone.xml

        <user-name>${datasource.username}</user-name>

        <password>${datasource.password}</password>

       

      was after booting up JBoss7 saved back to the standalone.xml as

       

        <user-name>myuser</user-name>

        <password>mypassword</password>

       

      It seems to me as a bug i Jboss7.

      Any idea anyone?

       

      We even tried to write protect standalone.xml and got the following result:

      "Failed to store configuration to standalone.xml: java.io.FileNotFoundException: /opt/jboss-7.0.2/standalone/configuration/standalone.xml (Permission denied)"