[jboss-jira] [JBoss JIRA] (AS7-5177) Add support for expressions in security domain module-option

Add support for expressions in security domain module-option ------------------------------------------------------------ Key: AS7-5177 URL: https://issues.jboss.org/browse/AS7-5177 Project: Application Server 7 Issue Type: Enhancement Components: Domain Management, Security Affects Versions: 7.1.1.Final, 7.1.2.Final (EAP) Reporter: John Mazzitelli Assignee: Tomaz Cerar Labels: rhq Fix For: 7.2.0.Alpha1 If I use the SecureIdentity security-domain with my datasource, and I directly hardcode the password in the security-domain definition (in standalone.xml), AS7.1.1.Final starts up fine with no errors: <security-domain name="RHQDSSecurityDomain" cache-type="default"> <authentication> <login-module code="SecureIdentity" flag="required"> <module-option name="username" value="${myser:rhqadmin}"/> <module-option name="password" value="1eeb2f255e832171df8592078de921bc"/> </login-module> </authentication> </security-domain> Notice that I use the sys prop variable in the username (${var} notation) but not for password. But now, use it for the password too: <security-domain name="RHQDSSecurityDomain" cache-type="default"> <authentication> <login-module code="SecureIdentity" flag="required"> <module-option name="username" value="${myser:rhqadmin}"/> <module-option name="password" value="${mypass:1eeb2f255e832171df8592078de921bc}"/> </login-module> </authentication> </security-domain> Notice ${mypass:1eeb...}. I do not want to hardcode the encrypted password - I want to set that system property (preferably via the -P option) so I don't hardcode it here. But when I start up AS7, I get an exception. Here's the exception I see at startup: 17:44:08,636 ERROR [org.jboss.as.connector.subsystems.datasources.AbstractDataSourceService$AS7DataSourceDeployer] (MSC service thread 1-2) Exception during createSubject()PB00024: Access Denied:Unauthenticated caller:null: java.lang.SecurityException: PB00024: Access Denied:Unauthenticated caller:null at org.jboss.security.plugins.JBossSecuritySubjectFactory.createSubject(JBossSecuritySubjectFactory.java:89) at org.jboss.jca.deployers.common.AbstractDsDeployer$1.run(AbstractDsDeployer.java:1019) at org.jboss.jca.deployers.common.AbstractDsDeployer$1.run(AbstractDsDeployer.java:1014) at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_29] at org.jboss.jca.deployers.common.AbstractDsDeployer.createSubject(AbstractDsDeployer.java:1013) at org.jboss.jca.deployers.common.AbstractDsDeployer.deployXADataSource(AbstractDsDeployer.java:824) at org.jboss.jca.deployers.common.AbstractDsDeployer.createObjectsAndInjectValue(AbstractDsDeployer.java:338) at org.jboss.as.connector.subsystems.datasources.AbstractDataSourceService$AS7DataSourceDeployer.deploy(AbstractDataSourceService.java:271) at org.jboss.as.connector.subsystems.datasources.AbstractDataSourceService.start(AbstractDataSourceService.java:111) ...