Reputation: 55
Defining datasources in wildfly31 standalone.xml file using credential-reference to refer passwords
Is there something changed between wildfly-26 and wildfly-31. I was able to define a data source , while providing the username and password inside tag for the data source tag throws me an error saying it's not a valid tag. looks like it was deprecated or unsupported for wildfly31
Following was the approach that i used to define a data sources
WildFly 26
WildFly 26 data source configuration which used to work
<datasource enabled="true" jndi-name="java:/jdbc/bankstate_kghs" jta="true" pool-name="jdbc/bankstate_kghs" statistics-enabled="true" use-ccm="true" use-java-context="true" xmlns="urn:jboss:domain:datasources:7.0">
<connection-url>jdbc:sqlserver://piligerwest1:1433;databaseName=master;trustServerCertificate=true;applicationName=bankstate</connection-url>
<driver>bankstate</driver>
<pool>
<min-pool-size>0</min-pool-size>
<max-pool-size>100</max-pool-size>
<use-strict-min>false</use-strict-min>
<prefill>false</prefill>
</pool>
<security>
<user-name>admin</user-name>
<credential-reference alias="bankstate-admin" store="bankstate_cred_store"/>
</security>
<validation>
<valid-connection-checker class-name="org.jboss.jca.adapters.jdbc.extensions.mssql.MSSQLValidConnectionChecker"/>
<exception-sorter class-name="org.jboss.jca.adapters.jdbc.extensions.mssql.MSSQLExceptionSorter"/>
<background-validation-millis>120000</background-validation-millis>
<background-validation>true</background-validation>
</validation>
<timeout>
<idle-timeout-minutes>1</idle-timeout-minutes>
</timeout>
</datasource>
The above approach wasn't working while defining a data source for WildFly 31 because it doesn't support and tag
WildFly 31
I tried below approach for wildfly31 by following the wildly documentation and domain.xml file but this doesn't works.
<datasource enabled="true" jndi-name="java:/jdbc/bankstate_gts" jta="true" pool-name="jdbc/bankstate_gts" statistics-enabled="true" use-ccm="true" use-java-context="true" xmlns="urn:jboss:domain:datasources:7.1">
<connection-url>jdbc:sqlserver://piligerwest1:1433;databaseName=master;applicationName=bankstate</connection-url>
<driver>bankstate10</driver>
<pool>
<min-pool-size>0</min-pool-size>
<max-pool-size>100</max-pool-size>
<use-strict-min>false</use-strict-min>
<prefill>false</prefill>
</pool>
<security username="admin" password="Ajndnjenekdek">
</security>
<validation>
<valid-connection-checker class-name="org.jboss.jca.adapters.jdbc.extensions.mssql.MSSQLValidConnectionChecker"/>
<exception-sorter class-name="org.jboss.jca.adapters.jdbc.extensions.mssql.MSSQLExceptionSorter"/>
<background-validation-millis>120000</background-validation-millis>
<background-validation>true</background-validation>
</validation>
<timeout>
<idle-timeout-minutes>1</idle-timeout-minutes>
</timeout>
</datasource>
How can i define username and password using credential-reference inside in wildfly31. The reason we are using credential-reference because of security issues and we want the user password to be hidden.
Upvotes: 0
Views: 782
Answers (2)
Reputation: 1
In wildfly 31 the entry should be as below:
<security user-name="admin">
<credential-reference store="bankstate_cred_store" alias="bankstate-admin"/>
</security>
This can also be done via CLI:
batch
/subsystem=datasources/data-source="jdbc/bankstate_gts":write-attribute(name=credential-reference,value={store="bankstate_cred_store", alias="bankstate-admin"})
/subsystem=datasources/data-source="jdbc/bankstate_gts":undefine-attribute(name=password)
run-batch
Upvotes: 0
Reputation: 17815
You haven't described the error you're getting, but I think I see the issue.
In WildFly 26 you have the following in your snippet:
<security>
<user-name>admin</user-name>
<credential-reference alias="bankstate-admin" store="bankstate_cred_store"/>
</security>
In WildFly 31 you changed it to:
<security username="admin" password="Ajndnjenekdek">
</security>
Note you switched from using elements to attributes.
I'm not really sure where you got the reference to a domain.xml. As you're question is about the standalone.xml configuration.
In either case it's really best to use a management interface to modify the configuration. This could be the web console or CLI as an example.
CLI Example
/subsystem=datasources/data-source=jdbc\/bankstate_kghs:add(connection-url="jdbc:sqlserver://piligerwest1:1433;databaseName=master;trustServerCertificate=true;applicationName=bankstate", \
driver-name="bankstate", \
jndi-name="java:/jdbc/bankstate_kghs", \
use-ccm=true, \
jta=true, \
statistics-enabled=true, \
use-java-context=true, \
enabled=true, \
min-pool-size=0, \
max-pool-size=100, \
pool-use-strict-min=false, \
pool-prefill=false, \
user-name=admin, \
credential-reference={alias=bankstate-admin, \
store=bankstate_cred_store}, \
valid-connection-checker-class-name=org.jboss.jca.adapters.jdbc.extensions.mssql.MSSQLValidConnectionChecker, \
exception-sorter-class-name=org.jboss.jca.adapters.jdbc.extensions.mssql.MSSQLValidConnectionChecker, \
background-validation-millis=1200, \
background-validation=true, \
idle-timeout-minutes=1 \
)
Upvotes: 1
Related Questions
- Debugging high PostgreSQL memory usage (per connection)
- Advantage of PgBouncer with WildFly/Application Server connection pool?
- Connection to database (MS-SQL) is getting closed randomly after migrating from Jboss 4 to Wildfly 8
- How to resolve the error "Could not unbind factory from JNDI: org.hibernate.engine.jndi.JndiException?
- HTTP Thread Pooling and JNDI Datasource Connection pools
- Using maxIdle and minIdle time Connection Properties in JBoss/WildFly
- How do disable connection pooling in Wildfly/JBoss?