paulwong

JBoss下DataSource加密(下)

数据源文件:my-oracle-ds.xml

<datasources>
    
<local-tx-datasource>
        
<jndi-name>jdbc/my-local</jndi-name>
        <connection-url>
            jdbc:oracle:thin:@10.5.7.30:1521:orcl
        
</connection-url>
        
<driver-class>oracle.jdbc.driver.OracleDriver</driver-class>
        <security-domain>EncryptedOracleDbRealm</security-domain>
        
<exception-sorter-class-name>
            org.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter
        
</exception-sorter-class-name>
        
<metadata>
            
<type-mapping>Oracle10g</type-mapping>
        
</metadata>
        
<depends>
            jboss.security:service=JaasSecurityDomain,domain=ServerMasterPassword
        
</depends>
    
</local-tx-datasource>



    
<mbean code="org.jboss.security.plugins.JaasSecurityDomain"
        name
="jboss.security:service=JaasSecurityDomain,domain=ServerMasterPassword">
        
<constructor>
            
<arg type="java.lang.String" value="ServerMasterPassword"></arg>
        
</constructor>
        
<!-- The opaque master password file used to decrypt the encrypted
            database password key 
-->
        
<attribute name="KeyStorePass">
            {CLASS}org.jboss.security.plugins.FilePassword:${jboss.server.home.dir}/conf/server.password
        
</attribute>
        
<attribute name="Salt">abcdefgh</attribute>
        
<attribute name="IterationCount">13</attribute>
    
</mbean>

</datasources>

在jboss4.3/jboss-as/server/default/conf/login-config.xml中增加节点:

<application-policy name="EncryptedOracleDbRealm">
    
<authentication>
        
<login-module
            
code="org.jboss.resource.security.JaasSecurityDomainIdentityLoginModule"
            flag
="required">
            
<module-option name="username">username</module-option>
            
<module-option name="password">
                3wW33nIpavHK4pd3qoNTbA
            
</module-option>
            
<module-option name="managedConnectionFactoryName">
                jboss.jca:service=LocalTxCM,name=jdbc/my-local
            
</module-option>
            
<module-option name="jaasSecurityDomain">
                jboss.security:service=JaasSecurityDomain,domain=ServerMasterPassword
            
</module-option>
        
</login-module>
    
</authentication>
</application-policy>

以上的password由下面命令得出:

E:\JBOSS\jboss4.3\jboss-as\server\default\lib>java -cp jbosssx.jar
org.jboss.security.plugins.PBEUtils abcdefgh 
13 master mypassowrd
Encoded password:  2mqrIBSpp8JVWFAqCBklhf

生成server.password文件:

E:\JBOSS\jboss4.3\jboss-as\server\default\lib>java -cp jbosssx.jar
org.jboss.security.plugins.FilePassword abcdefgh 
13 master server.password

产生后拷贝到:${jboss.server.home.dir}/conf中。

posted on 2012-01-16 18:58 paulwong 阅读(933) 评论(0)  编辑  收藏 所属分类: JBOSS


只有注册用户登录后才能发表评论。


网站导航: