JBoss Community

Can we use vault in authentication/login-module or anthentication/users?

created by Rella Guo in PicketBox Development - View the full discussion

Hello all,

 

As the article https://community.jboss.org/wiki/JBossAS7SecuringPasswords describes, we can use vault to secure datasource password. For authentication, can we also use vault to secure sensitive strings?

Just like that:

<security-realms>

            <security-realm name="ManagementRealm">

                <authentication>

                    <users>

                         <user username="test">

                             <password>${VAULT::...........}</password>

                         </user>

                    </users>

                </authentication>

            </security-realm>

</security-realms>

...

          <security-domains>

                <security-domain name="other" cache-type="default">

                    <authentication>

                        <login-module code="Remoting" flag="optional">

                            <module-option name="password-stacking" value="${VAULT::......}"/>

                        </login-module>

                    </authentication>

                </security-domain>

          <security-domains>

...

Reply to this message by going to Community

Start a new discussion in PicketBox Development at Community