[jboss-user] [JCA/JBoss] - Using custom security domain to use encrypted password

priyankalavti do-not-reply at jboss.com
Thu Jul 24 23:23:14 EDT 2008


Hi Everybody,

My Requirement:
1. remove the usage of cleartext password from mysql-ds.xml 
2. Use the custom password manager to retrieve the password

Given Solution by extending the SecureIdentityLoginModule:
JBoss connector API’s provides SecureIdentityLoginModule to encrypt database passwords rather than using clear text passwords in the datasource configuration. I have extended this class and overridden the commit method, which will call password manager to retrieve the password.

Problem:
By going thru the custom login module, JBoss JCA takes ~25 milliseconds to return the connection. And this 25 milliseconds doesn't count the time to call password manager. But if I don't use cleartext password, it takes hardly 1 millisecond.

I want to understand:
1. what is done by JCA when login module is used which takes ~25 milliseconds.  
2. Is there any way I can configure JBoss JCA to verify the password only for the 1st time, and for the subsequent calls, it just returns the connection in ~1 milliseconds.

Thanks in advance,
Priyanka

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4166552#4166552

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4166552




More information about the jboss-user mailing list