[JBoss-dev] Using custom security domain to use encrypted password
Galder Zamarreno
galder.zamarreno at redhat.com
Fri Jul 25 05:02:45 EDT 2008
Please, use the public user forums.
Priyanka Maheshwari wrote:
> Hi Everybody,
>
> My Requirement:
> 1. remove the usage of cleartext password from mysql-ds.xml
> 2. Use the custom password manager to retrieve the password
>
> Given Solution by extending the SecureIdentityLoginModule:
> JBoss connector API’s provides SecureIdentityLoginModule to encrypt database
> passwords rather than using clear text passwords in the datasource
> configuration. I have extended this class and overridden the commit method,
> which will call password manager to retrieve the password.
>
> Problem:
> By going thru the above approach of custom login module, JBoss JCA takes ~25
> milliseconds to return the connection. And this 25 milliseconds doesn't
> count the time to call password manager. But if I don't use cleartext
> password, it takes hardly 1 millisecond.
>
> I want to understand:
> 1. what is done by JCA when login module is used which takes ~25
> milliseconds.
> 2. Is there any way I can configure JBoss JCA to verify the password only
> for the 1st time, and for the subsequent calls, it just returns the
> connection in ~1 milliseconds.
>
> Thanks in advance,
> Priyanka
--
Galder Zamarreño
Sr. Software Maintenance Engineer
JBoss, a division of Red Hat
More information about the jboss-development
mailing list