...
- Create encrypted password
From command line in the JBoss installation location:
Note: <required_db_password> = your database password.No Format [Windows] $ java -cp "lib/jboss-jmx.jar;lib/jboss-common.jar;server/default/lib/jboss-jca.jar;server/default/lib/jbosssx.jar" org.jboss.resource.security.SecureIdentityLoginModule <required_db_password> Encoded password: 234a8537d08918bbe8baca2bdb0ac31dc3bc376bef610c0a [Unix-like] $ java -cp "lib/jboss-jmx.jar:lib/jboss-common.jar:server/default/lib/jboss-jca.jar:server/default/lib/jbosssx.jar" org.jboss.resource.security.SecureIdentityLoginModule <required_db_password> Encoded password: 234a8537d08918bbe8baca2bdb0ac31dc3bc376bef610c0a
- Modify pacs-mysql-ds.xml for the database (server\default\deploy\, and can be found in your dcm4chee installation directory under
server/default/deploy/pacs-mysql-ds.xml
) . Note that if you're using a different database, the naming will be slightly different, e.g.pacs-psql-ds.xml
.Code Block xml xml <datasources> <local-tx-datasource> <jndi-name>MySqlDS<name>pacsDS</jndi-name> <connection-url>jdbc:mysql://localhost:3306/pacsdb</connection-url> <driver-class>com.mysql.jdbc.Driver</driver-class> <!-- Remove/comment out the username/password information from here --> <!-- PART TO BE COMMENTED / REMOVED <user-name>username</user-name> <password>pw</password> --> <!-- NEWLY INCLUDED PART --> <!-- Use the security domain defined in conf/login-config.xml --> <security-domain>EncryptDBPassword</security-domain> <exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.MySQLExceptionSorter</exception-sorter-class-name> </local-tx-datasource> </datasources>
- Modify login-config.xml (
server\/default\/conf\/login-config.xml
)Code Block xml xml <policy> <!-- Example usage of the SecureIdentityLoginModule --> <application-policy name="EncryptDBPassword"> <authentication> <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required"> <module-option name="username">admin</module-option> <module-option name="password">234a8537d08918bbe8baca2bdb0ac31dc3bc376bef610c0a</module-option> <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=MySqlDS<pacsDS</module-option> </login-module> </authentication> </application-policy> </policy>
NOTE: The above configuration is for MySQL server. For all other databases, the proper name of the DB's jndi name has to be specified in the name parameter of the managedConnectionFactoryName. Ex: for MS SQL Server, substitute 'MySqlDS' with 'MSSQLDS'.
NOTE: You will need to make the same modifications to your ARR datasource file.
In order to avoid clashes with the pacsDB and ARR settings, you should rename the entries for "<security-domain>EncryptDBPassword</security-domain>" and "<application-policy name="EncryptDBPassword">".
E.g.:
Code Block | ||||
---|---|---|---|---|
| ||||
<security-domain>EncryptDBPasswordARR</security-domain>
|
and
Code Block | ||||
---|---|---|---|---|
| ||||
<application-policy name="EncryptDBPasswordARR">
|
Contributors: Vladimir Kleper and Pat Mongkolwat