How can we encrypt the password in the security configuration inside host.xml?

Latest response

I want to encrypt the ldap connection password in the security configuration inside host.xml. How can we do that in JBoss 6.3?

Responses

how about using password vault?

https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.1/html-single/Administration_and_Configuration_Guide/#Configure_the_Enterprise_Application_Platform_to_Use_the_Password_Vault1

Thank you for the reply Lee. Can I use password vault configuration also for encrypting the ldap password in host.xml? In the above link I can see the example is for encrypting the data source password.

Also how can we define the salt value and iteration count while masking the Keystore password?

Hi, the EAP 6.3 documentation is has a bit more up-to-date information:

https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.3/html-single/Security_Guide/index.html#chap-Secure_Passwords_and_Other_Sensitive_Strings_with_Password_Vault

You can use a password vault for configuration passwords wherever expressions are allowed.

See https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.3/html-single/Security_Guide/index.html#Store_and_Retrieve_Encrypted_Sensitive_Strings_in_the_Java_Keystore

The datasource password there is just an example, you should be able to use the same method for an ldap password if that attribute allows expressions.