DBAs and JBoss system administrators are weary of having the password to the LiveCycle database in cleartext in the data source configuration XML file. JBoss provides instructions here on how to use it in encrypt form.
1) Encrypt database password
The following command will encrypt the password “lc_password”:
java -cp C:\Programs\jboss_es2\lib\jboss-common.jar;C:\Programs\jboss_es2\lib\jboss-jmx.jar;C:\Programs\jboss_es2\server\lc_mysql\lib\jbosssx.jar;C:\Programs\jboss_es2\server\lc_mysql\lib\jboss-jca.jar org.jboss.resource.security.SecureIdentityLoginModule lc_password.
Obviously, you should replace the paths to the JAR files with yours. In the above example, the JBoss configuration is “lc_mysql”
If successful, you should get a response like as follows:
Encoded password: -2d19d44d319c1d9e008fba5553e14ea0
2) Create new Application Policy
Edit the %JBOSS_HOME%\server\lc_mysql\conf\login-config.xml file and create a new application policy that would look something like this. For Oracle, the application policy to comment out would be the “OracleDbRealm” policy.
Please note that for every one of your data sources, the policy name (EncryptDBPasswordAppPolicy) needs to unique (such as EncryptDBPasswordAppPolicy1, EncryptDBPasswordAppPolicy2, EncryptDBPasswordAppPolicy3 etc.)
3) Configure data source with the new Application Policy
Replace the following:
where “EncryptDBPasswordAppPolicy” is the name of the ‘application policy’ you created in %JBOSS_HOME%\server\\conf\login-config.xml
This has been tested to work with MySQL and Oracle. Your mileage with SQL Server etc may vary.