0 Replies Latest reply on Sep 11, 2012 5:51 AM by rella

    Can we use vault in authentication/login-module or anthentication/users?

    rella

      Hello all,

       

      As the article https://community.jboss.org/wiki/JBossAS7SecuringPasswords describes, we can use vault to secure datasource password. For authentication, can we also use vault to secure sensitive strings?

      Just like that:

      <security-realms>

                  <security-realm name="ManagementRealm">

                      <authentication>

                          <users>

                               <user username="test">

                                   <password>${VAULT::...........}</password>

                               </user>

                          </users>

                      </authentication>

                  </security-realm>

      </security-realms>

      ...

                <security-domains>

                      <security-domain name="other" cache-type="default">

                          <authentication>

                              <login-module code="Remoting" flag="optional">

                                  <module-option name="password-stacking" value="${VAULT::......}"/>

                              </login-module>

                          </authentication>

                      </security-domain>

                <security-domains>

      ...