java ee - Wildfly - set datasource password at runtime -



java ee - Wildfly - set datasource password at runtime -

i developing server application using jboss wildfly 8.1 , jpa hibernate. problem is, jpa datasource creditials have loaded @ runtime (password). when server starts, connects encrypted storage retrieves password real database. after that, should found connection real database.

i tried several things already: lookup datasource through jndi , rebind actual ds. lookup entitymanagerfactory through jndi , rebind custom entitymanager.

but none of these work. have thought how solve it?

my config:

persistence.xml:

<?xml version="1.0" encoding="utf-8"?> <persistence version="2.0"> <persistence-unit name="persistence_unit" transaction-type="jta"> <provider>org.hibernate.jpa.hibernatepersistenceprovider</provider> <jta-data-source>java:jboss/datasources/datasource</jta-data-source> ...classes... <properties> <!-- properties hibernate --> <property name="hibernate.dialect" value="org.hibernate.dialect.mysql5innodbdialect"/> <property name="hibernate.hbm2ddl.auto" value="update"/> <property name="hibernate.show_sql" value="false"/> <property name="hibernate.format_sql" value="false"></property> <property name="hibernate.connection.useunicode" value="true"/> <property name="hibernate.connection.characterencoding" value="utf-8"/> <property name="hibernate.connection.charset" value="utf-8"/> <property name="org.hibernate.flushmode" value="commit" /> <!-- 1 of import --> <property name="jboss.entity.manager.factory.jndi.name" value="java:/entitymanagerfactory"/> <property name="jboss.entity.manager.jndi.name" value="java:/manager1"/> </properties> </persistence-unit> </persistence>

datasource (defined in standalone.xml):

<datasource jndi-name="java:jboss/datasources/datasource" pool-name="ds" enabled="true" use-java-context="true"> <connection-url>jdbc:mysql://localhost:3306/repository</connection-url> <connection-property name="usecompression"> false </connection-property> <connection-property name="logslowqueries"> false </connection-property> <connection-property name="zerodatetimebehavior"> converttonull </connection-property> <connection-property name="characterencoding"> utf8 </connection-property> <connection-property name="useunicode"> true </connection-property> <connection-property name="connectioncollation"> utf8_unicode_ci </connection-property> <driver>mysql</driver> <security> <user-name>user</user-name> <password>to_be_defined</password> </security> </datasource>

accessing entity manager:

@stateless @local public class genericdatabean { @persistencecontext(type=persistencecontexttype.transaction) private entitymanager em; ... }

a possible solution problem utilize security domain datasource. in case must create custom login module responsible load password encrypted storage. configuration should similar to.

datasource:

class="lang-xml prettyprint-override"><datasource ... > ..... <security> <security-domain>encryptedpassword</security-domain> </security> </datasource>

security donain:

class="lang-xml prettyprint-override"><security-domain name="encryptedpassword"> <authentication> <login-module code="com.example.encryptedpasswordloginmodule" flag="required"> <!-- list of options --> <module-option name="username" value="theusername"/> <module-option name="managedconnectionfactoryname" value="jboss.jca:service=localtxcm,name=ds"/> </login-module> </authentication> </security-domain>

login module implementation:

class="lang-java prettyprint-override">public class encryptedpasswordloginmodule extends abstractpasswordcredentialloginmodule{ private string username; public void initialize(subject subject, callbackhandler handler, map sharedstate, map options){ super.initialize(subject, handler, sharedstate, options); username = (string) options.get("username"); if( username == null ){ throw new illegalargumentexception("the user name required option"); } } public boolean login() throws loginexception{ if( super.login() == true ) homecoming true; super.loginok = true; homecoming true; } public boolean commit() throws loginexception{ principal principal = new simpleprincipal(username); subjectactions.addprincipals(subject, principal); sharedstate.put("javax.security.auth.login.name", username); try{ char[] password = .... //code load encrypted password; passwordcredential cred = new passwordcredential(username, password); cred.setmanagedconnectionfactory(getmcf()); subjectactions.addcredentials(subject, cred); } catch(exception e){ throw new loginexception("failed load encrypted password: "+e.getmessage()); } homecoming true; } public boolean abort(){ username = null; homecoming true; } protected principal getidentity(){ principal principal = new simpleprincipal(username); homecoming principal; } protected group[] getrolesets() throws loginexception{ group[] empty = new group[0]; homecoming empty; } }

maybe can help.

java-ee jpa jboss datasource wildfly-8

Comments

Post a Comment

Popular posts from this blog

Delphi change the assembly code of a running process -

Delphi change the assembly code of a running process - i'm trying alter address 00741fa5 has push test.009e721c . alter push test.009e71c8 . procedure callback; asm force $9e71c8 end; procedure tform2.btn1click(sender: tobject); var ppid :dword; pprocess : cardinal; begin getwindowthreadprocessid(findwindow(nil,pchar('test')), @ppid); pprocess := openprocess(process_all_access, false, ppid); injectasm(pprocess, $741fa5, 10, integer(@callback), 0); end; here injectasm function (with error checking) function injectasm(process: longword; injectaddress, injectsize, codeaddress, codesize : integer): pointer; var csize, rsize : integer; replaced : array of byte; jmp : array [0..4] of byte; jmpaddress : integer; nopv : byte; : integer; nbr: ulong_ptr; begin //injectsize must equal or greater 5, because need space our //(far) jmp wwxxyyzz instruction //if there's no space, inject in place of few instructions if injectsize ...
Read more

json - Hibernate and Jackson (java.lang.IllegalStateException: Cannot call sendError() after the response has been committed) -

json - Hibernate and Jackson (java.lang.IllegalStateException: Cannot call sendError() after the response has been committed) - hello have problem hibernate , jackson. have 2 pojos @entity @table(name = "users") public class user implements serializable { static final long serialversionuid = 4235637833262722256l; @id @generatedvalue private int id; @column(name = "creation_date") private date creationdate; @column(name = "first_name") private string firstname; @column(name = "last_name") private string lastname; @version @column(name = "version") private int version; @column(name = "e_mail") private string email; @column(name = "enabled") private boolean enabled; @column(name = "login") private string login; @column(name = "password") private string password; @jsonmanagedreference("role") @onetomany(mappedby = "user", cascade = cascadetype.all,fetch = fetchtyp...
Read more

C++ 11 "class" keyword -

C++ 11 "class" keyword - i've started using c++ 11 little bit more , have few questions on special uses of class keyword. know it's used declare class, there's 2 instances have seen don't understand: method<class t>(); and class class_name *var; why precede typename keyword class in first example, , keyword pointer in sec example? that known elaborated type specifier , necessary when class name "shadowed" or "hidden" , need explicit. class t { }; // love of god don't t t; t t2; if compiler smart, give these warnings: main.cpp:15:5: error: must utilize 'class' tag refer type 't' in scope t t2; ^ class main.cpp:14:7: note: class 't' hidden non-type declaration of 't' here t t; ^ if class not defined, deed forwards declaration. for example: template <typename t> void method() { using type = typename t::value_type; } method...
Read more