2 Replies Latest reply on Apr 6, 2012 7:06 AM by rahul.pani

    Use Encryption/Decryption of datasource password using existing keystore.

    rahul.pani

      Can anyone please suggest how to plug in code in Jboss to decrypt the Datasource Password at runtime.

       

      I went through the article https://community.jboss.org/wiki/EncryptingDataSourcePasswords but did not find a way to extend the functionality and use my code to decrypt the password

      using the already existing keystore and keystore password.

        • 1. Re: Use Encryption/Decryption of datasource password using existing keystore.
          rahul.pani

          Also i already have a way to encrypt password through the exiting keystore and do not want to use JBoss classes to encrypt password . Just need a way to plug in code to use this existing encrypted password for Datasource password

          • 2. Re: Use Encryption/Decryption of datasource password using existing keystore.
            rahul.pani

            I think that i can use the attributes

             

               <mbean code="org.jboss.ejb.plugins.cmp.jdbc.metadata.MetaDataLibrary"

                  name="jboss.jdbc:service=metadata"/>

             

                <mbean code="org.jboss.security.plugins.JaasSecurityDomain"

                  name="jboss.security:service=JaasSecurityDomain,domain=ServerMasterPassword">

                  <constructor>

                     <arg type="java.lang.String" value="ServerMasterPassword"></arg>

                  </constructor>

                  <attribute name="KeyStoreURL">keystorepath</attribute>

                  <attribute name="KeyStorePass">keystoreId</attribute>

                  <attribute name="KeyStoreAlias">alias</attribute>

                  <attribute name="CipherAlgorithm">RSA/ECB/PKCS1Padding</attribute>     

               </mbean>

             

            Can someone please tell me if thats the correct of use the keystore attrubutes. I am using JsafeJCE as the security provide but dont know where i can put this value.