[jbossts-issues] [JBoss JIRA] Updated: (JBTM-616) Improve Integration of Authentication support on AppServerJDBCXARecovery plugin

Brad Maxwell (JIRA) jira-events at lists.jboss.org
Fri Jun 4 14:46:25 EDT 2010 

     [ https://jira.jboss.org/browse/JBTM-616?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Brad Maxwell updated JBTM-616:
------------------------------

    Comment: was deleted

(was: I believe this issue can be marked as fixed in EAP 5.1, Jasper has added changed it such that the datasource registers with the recovery manager when the datasource is deployed.  You can not specify recover-user-name and recover-password or recover-security-domain in the datasource xml.  Also, if a recover-* is not provided, it will fall back to the security-domain or user/password specified for the xa datasource.  The ds dtd that reflects this is $JBOSS_HOME/docs/dtd/jboss-ds_5_1.dtd   I'm not sure if there is a JCA jira for the issue.

<datasources>
  <xa-datasource>
...
    <recover-security-domain>EncryptDBPassword</recover-security-domain>
...
  </xa-datasource>
</datasources>

or

<datasources>
  <xa-datasource>
...
    <recover-user-name>EncryptDBPassword</recover-user-name>
    <recover-password>EncryptDBPassword</recover-password>
...
  </xa-datasource>
</datasources>
)


> Improve Integration of Authentication support on AppServerJDBCXARecovery plugin
> -------------------------------------------------------------------------------
>
>                 Key: JBTM-616
>                 URL: https://jira.jboss.org/browse/JBTM-616
>             Project: JBoss Transaction Manager
>          Issue Type: Feature Request
>      Security Level: Public(Everyone can see) 
>          Components: Recovery
>    Affects Versions: 4.2.3.CP05
>            Reporter: Brad Maxwell
>            Assignee: Jonathan Halliday
>
> JBTM-432 - Authentication support on AppServerJDBCXARecovery plugin
> This allows the jmx username/password to be specified in the jbossts-properties.xml and allows the AppServerJDBCXARecovery plugin to 
> function when the invokers are secured.
> Customers do not like having username / passwords in clear text in the jbossts-properties.xml and do not understand why the username / password has to be set in the first place.  Providing encryption support for the user/pass in the jbossts-properties.xml or better yet integrating it better so that the user/pass is not required when using secure invokers would be nice.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jbossts-issues mailing list