Encrypt MDB password in JBoss EAP

Issue

• We are using Message-driven Beans (MDB's) and according to the documentation, if a queue is password-protected, we need to add the following annotations to the MDB:

  @ActivationConfigProperty(propertyName = "user", propertyValue = "user"),  
  @ActivationConfigProperty(propertyName = "password", propertyValue = "password")
  

  I have this working. However, we are not allowed to store passwords in clear-text in our organization. Is there any facility for encrypting the password, similar to how it works for DataSources?

• We have a JMS password currently set in the SystemProperties as a plain text and referenced in ejb-jar.xml [MDB].
  We would need to encrypt or atleast mask the value for security reason.
  We are not able to use the Masking instruction directly as the values are set as activation-config-property.

  ejb-jar.xml

  <message-driven id="MyMDB">
  <ejb-name>MdbOne</ejb-name>
  <ejb-class>com.example.MdbOne</ejb-class>
  <transaction-type>Bean</transaction-type>
  <message-destination-type>javax.jms.Queue</message-destination-type>
  <activation-config>
      <activation-config-property>
          <activation-config-property-name>destination</activation-config-property-name>
          <activation-config-property-value>${JMS_NAME}</activation-config-property-value>
      </activation-config-property>
      <activation-config-property>....
  
      <activation-config-property>
          <activation-config-property-name>password</activation-config-property-name>
          <activation-config-property-value>${JMS_PASSWORD}</activation-config-property-value>
      </activation-config-property>
  </activation-config>
  </message-driven>