Encrypt database password
You can encrypt the database password in the data source with standard WildFly functionality using a security domain and picketbox. Execute the steps below:
1. Open the command prompt in the following location ...\Server\wildfly-*.
2. Encrypt the password using the following command, you can select any password.
Make sure to replace the jdk-* (lookup \Server) and picketbox-* (lookup '...\wildfly-*\modules\system\layers\base\org\picketbox\main) with the versions of your installation:
<java installation location ..\Server\jdk-*\bin\>java -cp modules\system\layers\base\org\picketbox\main\picketbox-*.Final.jar
org.picketbox.datasource.security.SecureIdentityLoginModule Plan$QL
3. Start the CLI.
4. Add the EncryptDBPassword security domain:
/system-property=pn.encryptdbpassword.domain.username:write-attribute(name=value, value="USERNAMEVALUE")
5. Add the login module to the security domain:
/system-property=pn.encryptdbpassword.domain.password:write-attribute(name=value, value="PASSWORDVALUE")
6. Remove the following attributes using CLI; they will be replaced with the security domain.
/subsystem=datasources/data-source=PlanonDS/:undefine-attribute(name=password)
/subsystem=datasources/data-source=PlanonDS/:undefine-attribute(name=user-name)
7. Add the security domain:
/subsystem=datasources/data-source=PlanonDS/:write-attribute(name=security-domain,
value=EncryptDBPassword)