To encrypt password in Jboss using CLI, you can follow the steps below. This is particularly useful if you want to encrypt password for datasource.
1) export JBOSS_HOME=/pallavi/
2) export CLASSPATH=/pallavi/jboss-eap-6.2/modules/system/layers/base/org/picketbox/main/picketbox-4.0.19.SP2-redhat-1.jar:/pallavi/modules/system/layers/base/org/jboss/logging/main/jboss-logging-3.1.2.GA-redhat-1.jar:$CLASSPATH
3) java org.picketbox.datasource.security.SecureIdentityLoginModule sa
4) Make changes in your configuration file(eg: standalone.xml) under the security tag as below (search for security:1.2 tag):-
<security-domain name="encrypted-h2ds" cache-type="default"> <authentication> <login-module code="org.picketbox.datasource.security.SecureIdentityLoginModule" flag="required"> <module-option name="username" value="sa"/> <module-option name="password" value="9fdd42c2a7390d3"/> <module-option name="managedConnectionFactoryName" value="jboss.jca:service=LocalTxCM,name=MySqlDS_Pool"/> </login-module> </authentication> </security-domain>
5) Now, remove the user name and password from datasource subsystem and add the below tag:-
<security-domain>h2ds</security-domain>
6) Now, restart the jboss instance as below and test the connectivity as below:-
[root@localhost ~]# /pallavai/bin/jboss-cli.sh [disconnected /] connect 10.21.12.235:9999 [standalone@10.21.12.235:9999 /] /subsystem=datasources/data-source=ExampleDS:test-connection-in-pool() { "outcome" => "success", "result" => [true] }