Versions Compared

Old Version 2

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

...

  1. Create encrypted password
    From command line in the JBoss installation location:
    No Format
    [Windows]
$ java -cp "lib/jboss-jmx.jar;lib/jboss-common.jar;server/default/lib/jboss-jca.jar;server/default/lib/jbosssx.jar"
org.jboss.resource.security.SecureIdentityLoginModule <required_db_password>
Encoded password: 234a8537d08918bbe8baca2bdb0ac31dc3bc376bef610c0a

[Unix-like]
$ java -cp "lib/jboss-jmx.jar:lib/jboss-common.jar:server/default/lib/jboss-jca.jar:server/default/lib/jbosssx.jar"
org.jboss.resource.security.SecureIdentityLoginModule <required_db_password>
Encoded password: 234a8537d08918bbe8baca2bdb0ac31dc3bc376bef610c0a
    (info) Note: <required_db_password> = your database password.
  2. Modify pacs-mysql-ds.xml for the database (server\default\deploy\, and can be found in your dcm4chee installation directory under server/default/deploy/pacs-mysql-ds.xml) . Note that if you're using a different database, the naming will be slightly different, e.g. pacs-psql-ds.xml.
    Code Block
    xml
    xml
    <datasources>
 <local-tx-datasource>
  <jndi-name>MySqlDS<name>pacsDS</jndi-name>
  <connection-url>jdbc:mysql://localhost:3306/pacsdb</connection-url>
  <driver-class>com.mysql.jdbc.Driver</driver-class>

  <!-- Remove/comment out the username/password information from here -->
  <!-- PART TO BE COMMENTED / REMOVED
    <user-name>username</user-name>
    <password>pw</password>
  -->

  <!-- NEWLY INCLUDED PART -->
  <!-- Use the security domain defined in conf/login-config.xml -->
  <security-domain>EncryptDBPassword</security-domain>

  <exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.MySQLExceptionSorter</exception-sorter-class-name>
 </local-tx-datasource>
</datasources>
  3. Modify login-config.xml (server\/default\/conf\/login-config.xml)
    Code Block
    xml
    xml
    <policy>
  <!-- Example usage of the SecureIdentityLoginModule -->
  <application-policy name="EncryptDBPassword">
    <authentication>
      <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
        <module-option name="username">admin</module-option>
        <module-option name="password">234a8537d08918bbe8baca2bdb0ac31dc3bc376bef610c0a</module-option>
        <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=MySqlDS<pacsDS</module-option>
      </login-module>
    </authentication>
  </application-policy>
</policy>

(info) NOTE: The above configuration is for MySQL server. For all other databases, the proper name of the DB's jndi name has to be specified in the name parameter of the managedConnectionFactoryName. Ex: for MS SQL Server, substitute 'MySqlDS' with 'MSSQLDS'.

(info) NOTE: You will need to make the same modifications to your ARR datasource file.
In order to avoid clashes with the pacsDB and ARR settings, you should rename the entries for "<security-domain>EncryptDBPassword</security-domain>" and "<application-policy name="EncryptDBPassword">".
E.g.:

Code Block
xml
xml

  <security-domain>EncryptDBPasswordARR</security-domain>

and

Code Block
xml
xml

  <application-policy name="EncryptDBPasswordARR">

Contributors: Vladimir Kleper and Pat Mongkolwat