2 Replies Latest reply: Nov 9, 2011 6:52 AM by jaikiran pai Branched from an earlier discussion. RSS

Securing password for datasources in AS7

borgeh Newbie

I have a similar problem.

We needed of a datasource defined in standalone.xml

 

We did not want the username/password to the production database stored in standalone.xml, and our first try was to pass it in as a system property. It worked, but then the username/password was logged to our boot.log.

 

Our next try was to add the username/password to a property file.

We addeda "-Pdatasource.properties" to the call of standalone.sh

It worked, and username/password was not logget to our boot.log anymore.

 

But now we got a new problem!!

 

For some reason JBoss7 writes the standalone.xml back to disk, and resolves the properties stored in datasource.properties to standalone.xml.

 

datasource.properties

datasource.username=myuser

datasource.password=mypassword

 

standalone.xml

  <user-name>${datasource.username}</user-name>

  <password>${datasource.password}</password>

 

was after booting up JBoss7 saved back to the standalone.xml as

 

  <user-name>myuser</user-name>

  <password>mypassword</password>

 

It seems to me as a bug i Jboss7.

Any idea anyone?

 

We even tried to write protect standalone.xml and got the following result:

"Failed to store configuration to standalone.xml: java.io.FileNotFoundException: /opt/jboss-7.0.2/standalone/configuration/standalone.xml (Permission denied)"