[EAP6/7] Encrypting a data source password with picketbox

JBoss EAP 8 and later no longer ship the picketbox module, so this method cannot be used there.

Treat it as working on JBoss EAP 6 and 7 only.

 

1. Write a script that encrypts the data source password through picketbox

#!/bin/bash
# Directory that holds the java binary (a system JDK 8 here, hence /usr/bin)
JAVA_HOME=/usr/bin
JBOSS_HOME=/sw/jboss-eap-7.4
# SecureIdentityLoginModule lives in the picketbox jar and needs jboss-logging on the
# classpath; take the first sorted match so a sibling jar (picketbox-infinispan, ...) is not picked
picketbox=$(find "${JBOSS_HOME}" -type f -name "picketbox*" | sort | head -n 1)
jboss_logging=$(find "${JBOSS_HOME}" -type f -name "jboss-logging*" | sort | head -n 1)
module_name=org.picketbox.datasource.security.SecureIdentityLoginModule
export CLASSPATH="${picketbox}:${jboss_logging}"
# Check for the java binary itself, not just the directory
if [ -x "${JAVA_HOME}/java" ]; then
    # -s keeps the password off the terminal; the module only accepts it as an argument
    read -r -s -p "Input Database Password : " dbpassword
    echo
    "${JAVA_HOME}/java" -cp "${CLASSPATH}" "${module_name}" "${dbpassword}"
else
    echo "JAVA 1.8 is not installed. Please install and try again."
    exit 1
fi

 

2. Run the script

 

 

3. Start jboss-cli.sh and run the following commands (adjust username and password to your environment)

/subsystem=security/security-domain=encryptedSecurityDomain:add(cache-type=default)
/subsystem=security/security-domain=encryptedSecurityDomain/authentication=classic:add
/subsystem=security/security-domain=encryptedSecurityDomain/authentication=classic/login-module="encryptedSecurityDomain-Module":add(code="org.picketbox.datasource.security.SecureIdentityLoginModule",flag=required, module-options={"username" => "appuser", "password" => "-7774eb5d955be659"})

reload

 

4. Reference the security domain from the datasource's security-domain tag in standalone-*.xml (the security-domain definition in the security subsystem is what the CLI commands in step 3 wrote).

        <subsystem xmlns="urn:jboss:domain:datasources:6.0">
            <datasources>
                <datasource jndi-name="java:/postgreDS" pool-name="postgreDS">
                    <connection-url>jdbc:postgresql://192.168.56.110:5432/appdb</connection-url>
                    <driver>postgreDriver</driver>
                    <security>
                            <security-domain>encryptedSecurityDomain</security-domain>
                    </security>
                    <validation>
                        <valid-connection-checker class-name="org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLValidConnectionChecker"/>
                        <check-valid-connection-sql>select 1</check-valid-connection-sql>
                        <validate-on-match>false</validate-on-match>
                        <background-validation>true</background-validation>
                        <background-validation-millis>60000</background-validation-millis>
                        <exception-sorter class-name="org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLExceptionSorter"/>
                    </validation>
                </datasource>
                <drivers>
                    <driver name="postgreDriver" module="com.postgresql"/>
                </drivers>
            </datasources>
        </subsystem>
        <subsystem xmlns="urn:jboss:domain:security:2.0">
            <security-domains>
                <security-domain name="encryptedSecurityDomain" cache-type="default">
                    <authentication>
                        <login-module name="encryptedSecurityDomain-Module" code="org.picketbox.datasource.security.SecureIdentityLoginModule" flag="required">
                            <module-option name="username" value="appuser"/>
                            <module-option name="password" value="-7774eb5d955be659"/>
                        </login-module>
                    </authentication>
                </security-domain>
            </security-domains>
        </subsystem>

 

5. After restarting, test the connection pool through jboss-cli.sh

[standalone@192.168.56.101:9990 /] data-source test-connection-in-pool --name=postgreDS
true
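As an added example that is not part of the original post, the following bash script chains steps 1, 3 and 5 above: it parses the "Encoded password:" line the module prints, builds the jboss-cli batch for the security domain, and runs the pool test. The paths, the function names (extract_encoded, is_valid_encoded, build_cli_batch, encode_and_configure) and the sample domain, user and datasource names are this example's own assumptions.

```shell
#!/bin/bash
# Added example, not from the original post: chains step 1 (encode), step 3 (CLI batch)
# and step 5 (pool test). Paths, domain and user names below are assumptions.
JAVA_BIN=/usr/bin/java
JBOSS_HOME=/sw/jboss-eap-7.4
MODULE=org.picketbox.datasource.security.SecureIdentityLoginModule
# The module prints one line of the form "Encoded password: <value>"; return <value>.
extract_encoded() {
    printf '%s\n' "$1" | sed -n 's/^Encoded password: *//p' | head -n 1
}

# The value is a signed lowercase-hex string (e.g. -7774eb5d955be659); reject anything
# else (a stack trace, an empty line) before it is spliced into a CLI command.
is_valid_encoded() {
    printf '%s' "$1" | grep -Eq '^-?[0-9a-f]+$'
}

# Emit the jboss-cli batch for the security domain of step 3.
# $1 = domain name, $2 = DB username, $3 = encoded password
build_cli_batch() {
    local dom="$1" user="$2" enc="$3"
    cat <<EOF
batch
/subsystem=security/security-domain=${dom}:add(cache-type=default)
/subsystem=security/security-domain=${dom}/authentication=classic:add
/subsystem=security/security-domain=${dom}/authentication=classic/login-module="${dom}-Module":add(code="${MODULE}",flag=required,module-options={"username" => "${user}","password" => "${enc}"})
run-batch
reload
EOF
}

# Driver: needs a real EAP 7 install, so it only runs when the script is invoked with --run.
encode_and_configure() {
    local dom="$1" user="$2" ds="$3" cp out enc batchfile dbpassword
    cp=$(find "${JBOSS_HOME}" -type f -name "picketbox*" | sort | head -n 1)
    cp="${cp}:$(find "${JBOSS_HOME}" -type f -name "jboss-logging*" | sort | head -n 1)"
    read -r -s -p "Input Database Password : " dbpassword; echo
    # The module only takes the password as an argument, so it is briefly visible in
    # the process list; run this on the EAP host itself, not on a shared jump box.
    out=$("${JAVA_BIN}" -cp "${cp}" "${MODULE}" "${dbpassword}") || return 1
    enc=$(extract_encoded "${out}")
    is_valid_encoded "${enc}" || { echo "unexpected module output: ${out}" >&2; return 1; }
    # The value is obfuscated with a key fixed inside picketbox, not encrypted under a secret
    # you control, so keep the batch file (mktemp gives 0600) and standalone.xml readable by the EAP account only.
    batchfile=$(mktemp) || return 1
    build_cli_batch "${dom}" "${user}" "${enc}" > "${batchfile}"
    "${JBOSS_HOME}/bin/jboss-cli.sh" --connect --file="${batchfile}"; rm -f "${batchfile}"
    "${JBOSS_HOME}/bin/jboss-cli.sh" --connect --command="data-source test-connection-in-pool --name=${ds}"
}
[ "${1:-}" = "--run" ] && encode_and_configure encryptedSecurityDomain appuser postgreDS
```

Run it as `./script.sh --run` on the EAP host; without `--run` only the helper functions are defined.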