JBoss EAP 6 – encrypt password for SecureIdentityLoginModule

Posted on May 31, 2017 by Evan Knowles — No Comments ↓

Quick snippet on password encryption for the org.picketbox.datasource.security.SecureIdentityLoginModule which is relatively version agnostic. From your JBoss directory, run

java -cp "modules/system/layers/base/org/picketbox/main/*;modules/system/layers/base/org/jboss/logging/main/*" org.picketbox.datasource.security.SecureIdentityLoginModule EXAMPLE_PASSWORD

1	java -cp "modules/system/layers/base/org/picketbox/main/;modules/system/layers/base/org/jboss/logging/main/" org.picketbox.datasource.security.SecureIdentityLoginModule EXAMPLE_PASSWORD

It’ll output the encrypted password, which you can update your configuration with.

If you get an error, like

Error: Could not find or load main class org.picketbox.datasource.security.SecureIdentityLoginModule

1	Error: Could not find or load main class org.picketbox.datasource.security.SecureIdentityLoginModule

It’s most likely because you’ve patched your JBoss (good on you!) at some point. During the patching process, the old JARs get trashed for no readily apparent reason. Search through the .overlays folder in your system/modules/base folder and find the most recent version of Picketbox. Update the classpath to point to that version instead, and all will be good, e.g. for JBoss patched to 6.4.18

java -cp "modules\system\layers\base\.overlays\layer-base-jboss-eap-6.4.18.CP\org\picketbox\main\*;modules/system/layers/base/org/jboss/logging/main/*" org.picketbox.datasource.security.SecureIdentityLoginModule EXAMPLE_PASSWORD

1	java -cp "modules\system\layers\base\.overlays\layer-base-jboss-eap-6.4.18.CP\org\picketbox\main\;modules/system/layers/base/org/jboss/logging/main/" org.picketbox.datasource.security.SecureIdentityLoginModule EXAMPLE_PASSWORD

Tagged with: java, jboss, passwords-are-obscurity, security
Posted in Java, Security

JBoss EAP 6 – encrypt password for SecureIdentityLoginModule

Leave a Reply Cancel reply