Encrypted Passwords in JBoss EAP 6/7.0 Datasources with SecureIdentityLoginModule

Solution Verified - Updated -

Issue

  • Encrypt clear text password without using Vault

  • Specify security-domain if the profile is configured with 2 different datasource, each with different username and password

  • Configuration fails with the following exception:

    Caused by: java.sql.SQLException: Access denied for user ''@'10.10.10.10' (using password: NO)
        at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1078)
        at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4187)
        at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4119)
        at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:927)
        ...
        at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:346)
        at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.getLocalManagedConnection(LocalManagedConnectionFactory.java:254)
        ... 5 more
    
  • Compare org.picketbox.datasource.security.SecureIdentityLoginModule versus Vault. Which is better?

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 6
    • 7.0
  • Datasource connection configuration with login-module code="SecureIdentityLogin"

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In