运行环境:JBoss EAP 6.3.0 + Oracle Database XE 11gR2
之前写了一篇文章,也是《加密数据源口令(EAP 5.1.2)》,不过是针对JBoss EAP 5.1.2版本。
正好今天(2014-08-07)JBoss EAP 6.3.0 发布,我就拿它来测试一下。
1. 首先配置好明文的Oracle 数据源,详细步骤请参考《配置Oracle数据源》。
2. 生成加密口令
java -cp /Users/maping/Redhat/Eap/jboss-eap-6.3/modules/system/layers/base/org/picketbox/main/picketbox-4.0.19.SP8-redhat-1.jar:/Users/maping/Redhat/Eap/jboss-eap-6.3/modules/system/layers/base/org/jboss/logging/main/jboss-logging-3.1.4.GA-redhat-1.jar org.picketbox.datasource.security.SecureIdentityLoginModule demo
输出如下:
Encoded password: 68e0c86af11171b6
3. 修改standalone.xml文件
(1)在 subsystem xmlns="urn:jboss:domain:security:1.2"的 security-domains中增加一个security-domain,内容如下:
<security-domain name="EncryptDBPassword">
<authentication>
<login-module code="org.picketbox.datasource.security.SecureIdentityLoginModule" flag="required">
<module-option name="username" value="demo"/>
<module-option name="password" value="68e0c86af11171b6"/>
<module-option name="managedConnectionFactoryName" value="jboss.jca:service=LocalTxCM,name=OracleDSDemoPool"/>
</login-module>
</authentication>
</security-domain>
(2)修改原来的Oracle Datasource配置,去掉user-name/password配置,替换为指定的security-domain:EncryptDBPassword
<datasource jndi-name="java:jboss/datasources/OracleDSDemo" pool-name="OracleDSDemoPool" enabled="true">
<connection-url>jdbc:oracle:thin:@192.168.0.104:1521:XE</connection-url>
<driver>oracle</driver>
<security>
<security-domain>EncryptDBPassword</security-domain>
</security>
</datasource>
4. 启动JBoss EAP,测试OracleDSDemoPool,确定测试成功。
参考文献:
1. http://blog.csdn.net/mmoooodd/article/details/17128045
2. http://middlewaremagic.com/jboss/?p=1026
3. https://mojo.redhat.com/docs/DOC-153998
4. https://community.jboss.org/wiki/JBossAS7SecuringPasswords
5. https://community.jboss.org/wiki/AS7UtilisingMaskedPasswordsViaTheVault
6. http://docs.jboss.org/jbosssecurity/docs/6.0/security_guide/html/Encrypting_Data_Source_Passwords.html
7. http://wei-meilin.blogspot.com/2012/07/datasourcepicketbox-vault.html
之前写了一篇文章,也是《加密数据源口令(EAP 5.1.2)》,不过是针对JBoss EAP 5.1.2版本。
正好今天(2014-08-07)JBoss EAP 6.3.0 发布,我就拿它来测试一下。
1. 首先配置好明文的Oracle 数据源,详细步骤请参考《配置Oracle数据源》。
2. 生成加密口令
java -cp /Users/maping/Redhat/Eap/jboss-eap-6.3/modules/system/layers/base/org/picketbox/main/picketbox-4.0.19.SP8-redhat-1.jar:/Users/maping/Redhat/Eap/jboss-eap-6.3/modules/system/layers/base/org/jboss/logging/main/jboss-logging-3.1.4.GA-redhat-1.jar org.picketbox.datasource.security.SecureIdentityLoginModule demo
输出如下:
Encoded password: 68e0c86af11171b6
3. 修改standalone.xml文件
(1)在 subsystem xmlns="urn:jboss:domain:security:1.2"的 security-domains中增加一个security-domain,内容如下:
<security-domain name="EncryptDBPassword">
<authentication>
<login-module code="org.picketbox.datasource.security.SecureIdentityLoginModule" flag="required">
<module-option name="username" value="demo"/>
<module-option name="password" value="68e0c86af11171b6"/>
<module-option name="managedConnectionFactoryName" value="jboss.jca:service=LocalTxCM,name=OracleDSDemoPool"/>
</login-module>
</authentication>
</security-domain>
(2)修改原来的Oracle Datasource配置,去掉user-name/password配置,替换为指定的security-domain:EncryptDBPassword
<datasource jndi-name="java:jboss/datasources/OracleDSDemo" pool-name="OracleDSDemoPool" enabled="true">
<connection-url>jdbc:oracle:thin:@192.168.0.104:1521:XE</connection-url>
<driver>oracle</driver>
<security>
<security-domain>EncryptDBPassword</security-domain>
</security>
</datasource>
4. 启动JBoss EAP,测试OracleDSDemoPool,确定测试成功。
参考文献:
1. http://blog.csdn.net/mmoooodd/article/details/17128045
2. http://middlewaremagic.com/jboss/?p=1026
3. https://mojo.redhat.com/docs/DOC-153998
4. https://community.jboss.org/wiki/JBossAS7SecuringPasswords
5. https://community.jboss.org/wiki/AS7UtilisingMaskedPasswordsViaTheVault
6. http://docs.jboss.org/jbosssecurity/docs/6.0/security_guide/html/Encrypting_Data_Source_Passwords.html
7. http://wei-meilin.blogspot.com/2012/07/datasourcepicketbox-vault.html
没有评论:
发表评论