Reputation: 30448
Encrypting sensitive information in JBoss configuration
The standard data source configuration in JBoss requires the username and password of the database user to be in the xxx-ds.xml file. If I define my data source as a c3p0 mbean I encounter the same issue.
Is there a standard way to have the user and password encrypted? What is a good place to save the key?
This of course relevant to tomcat too - context.xml files, spring configuration files, etc.
Upvotes: 11
Views: 1711
Answers (2)
Reputation: 2826
for the spring part, you can use your own extension of spring's PropertyPlaceholderConfigurer with the String convertPropertyValue(String originalValue) overridden. As the javadoc for the method mentions it (actually in superclass PropertyResourceConfigurer):
Convert the given property value from the properties source to the value that should be applied.
The default implementation simply returns the original value. Can be overridden in subclasses, for example to detect encrypted values and decrypt them accordingly.
This means you can configure your datasource with ${encoded.value} in the spring xml file, and decode the value before injecting the decoded value into the datasource.
Upvotes: 1
Reputation: 30934
There is a wiki document out there: http://www.jboss.org/community/docs/DOC-9703 that describes this.
Upvotes: 6
Related Questions
- Tomcat JDBC (Datasource) password encryption and decryption
- Datasource encryption in jboss eap 6
- JBoss AS 7.1 - datasource how to encrypt password
- Storing sensitive infomation
- How to pass encryption related properties from tomcat's context.xml for jdbc connection in java?
- Cryptography sensitive information using spring
- Encrypting Datasource password for JBOSS and Tomcat6
- Custom JBoss DataSorurce password encryption?
- User Data Encryption for a Java Web Application (Spring/Jboss)
- HTTPS configuration in Jboss