Dashboard > dcm4chee-2.x > Home > How to configure secure DB password
How to configure secure DB password Log In | Sign Up   View a printable version of the current page.

Added by Gunter Zeilinger , last edited by Gunter Zeilinger on May 28, 2007
Labels: 
(None)

How to configure secure DB password

(Based on the information from http://wiki.jboss.org/wiki/Wiki.jsp?page=EncryptingDataSourcePasswords)

  1. Create encrypted password
    From command line in the JBoss installation location: 
    $ java -cp "lib/jboss-jmx.jar;lib/jboss-common.jar;server/default/lib/jboss-jca.jar;server/default/lib/jbosssx.jar"
org.jboss.resource.security.SecureIdentityLoginModule <required_db_password>
Encoded password: 234a8537d08918bbe8baca2bdb0ac31dc3bc376bef610c0a

    Note: <required_db_password> = your database password.

  2. Modify mysql-ds.xml for the database (server\default\deploy\mysql-ds.xml) 
    <datasources>
 <local-tx-datasource>
  <jndi-name>MySqlDS</jndi-name>
  <connection-url>jdbc:mysql://localhost:3306/pacsdb</connection-url>
  <driver-class>com.mysql.jdbc.Driver</driver-class>
  <!-- Remove username/password information from here -->
  <!-- Use the security domain defined in conf/login-config.xml -->
  <security-domain>EncryptDBPassword</security-domain>
  <exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.MySQLExceptionSorter</exception-sorter-class-name>
 </local-tx-datasource>
</datasources>
  3. Modify login-config.xml (server\default\conf\login-config.xml) 
    <policy>
  <!-- Example usage of the SecureIdentityLoginModule -->
  <application-policy name="EncryptDBPassword">
    <authentication>
      <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
        <module-option name="username">admin</module-option>
        <module-option name="password">234a8537d08918bbe8baca2bdb0ac31dc3bc376bef610c0a</module-option>
        <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=MySqlDS</module-option>
      </login-module>
    </authentication>
  </application-policy>
</policy>

NOTE: The above configuration is for MySQL server. For all other databases, the proper name of the DB's jndi name has to be specified in the name parameter of the managedConnectionFactoryName. Ex: for MS SQL Server, substitute 'MySqlDS' with 'MSSQLDS'.

Contributors: Vladimir Kleper and Pat Mongkolwat
Powered by a free Atlassian Confluence Open Source Project License granted to dcm4che. Evaluate Confluence today.
Powered by Atlassian Confluence 2.7.1, the Enterprise Wiki. Bug/feature request - Atlassian news - Contact administrators