Encrypted Passwords in JBoss EAP 6/7.0 Datasources with SecureIdentityLoginModule

Solution Verified - Updated -

Issue

  • Encrypt clear text password without using Vault

  • Specify security-domain if the profile is configured with 2 different datasource, each with different username and password

  • Configuration fails with the following exception:

    Caused by: java.sql.SQLException: Access denied for user ''@'10.10.10.10' (using password: NO)
    at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1078)
    at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4187)
    at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4119)
    at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:927)
    ...
    at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:346)
    at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.getLocalManagedConnection(LocalManagedConnectionFactory.java:254)
    ... 5 more

  • Compare org.picketbox.datasource.security.SecureIdentityLoginModule versus Vault. Which is better?

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 6
    • 7.0
  • Datasource connection configuration with login-module code="SecureIdentityLogin"

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content