[Jboss&Weblogic] Encrypting Data Source Passwords

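This post describes how to encrypt the JNDI data source passwords defined in *-ds.xml for JBoss 5, in standalone.xml or *ha.xml for JBoss 6 and later, and in *jdbc.xml for WebLogic.

Each application server defines its own libraries for the encryption step, and the libraries differ by version, so consult the official site for the libraries that apply when you use them. (Only the version differs; the libraries used are the same.)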

#- Jboss-5* ( *-ds.xml )

#!/bin/bash

#--------------------------------------------------------------------------
#-- Set Error if Variable is Not Set
#-- Set Exit if Error is Occurred
#--------------------------------------------------------------------------

set -o nounset
set -o errexit

#--------------------------------------------------------------------------
# // Check Parameter & Define Variable
#--------------------------------------------------------------------------

# Test only the argument count: expanding $1 here would abort under nounset
if [[ $# -lt 1 ]]; then
    echo
    echo " *** NOT FOUND CMD : (PASSWORD) ***"
    echo " ex ) ./jboss-5-enc.sh (PASSWORD)"
    echo
    exit 1
fi

PASSWORD=$1
# The wildcard is not expanded inside the classpath;
# set JB_HOME to the actual installation directory
JB_HOME="/RedHat/jboss-eap-5.*"
JB_AS_DIR="${JB_HOME}/jboss-as"
LOGGING_LIB="${JB_AS_DIR}/client/jboss-logging-spi.jar"
JBSSX_LIB="${JB_AS_DIR}/lib/jbosssx.jar"
ENC_CLASS="org.jboss.resource.security.SecureIdentityLoginModule"

#---------------------------------------------------------------
# // Validate Parameter & Run Script
#---------------------------------------------------------------

# Quote the password so spaces and shell metacharacters reach Java intact
java -cp "${LOGGING_LIB}:${JBSSX_LIB}" "${ENC_CLASS}" "${PASSWORD}"


#- Jboss-7.1.1-Final & Jboss-6* & Wildfly* ( standalone.xml or *-ha.xml or full.xml or etc )

- When using 7.1.1, the LOGGING module must be added.

#!/bin/bash

#--------------------------------------------------------------------------
#-- Set Error if Variable is Not Set
#-- Set Exit if Error is Occurred
#--------------------------------------------------------------------------

set -o nounset
set -o errexit

#--------------------------------------------------------------------------
# // Check Parameter & Define Variable
#--------------------------------------------------------------------------

# Test only the argument count: expanding $1 here would abort under nounset
if [[ $# -lt 1 ]]; then
    echo
    echo " *** NOT FOUND CMD : (PASSWORD) ***"
    echo " ex ) ./jboss-over-6-enc.sh (PASSWORD)"
    echo
    exit 1
fi

PASSWORD=$1
# The wildcard is not expanded inside the classpath;
# set JB_HOME to the actual installation directory
JB_HOME="/RedHat/jboss-eap-6.*"
MODULES="${JB_HOME}/modules/system/layers/base"
PICKETBOX_LIB="${MODULES}/org/picketbox/main/picketbox-4.1.2.Final-redhat-1.jar"
#LOGGING_LIB="${MODULES}/org/jboss/logging/main/jboss-logging-3.1.4.GA-redhat-2.jar"
ENC_CLASS="org.picketbox.datasource.security.SecureIdentityLoginModule"

#---------------------------------------------------------------
# // Validate Parameter & Run Script
#---------------------------------------------------------------

#-jboss-as-7.1.1Final(add)
#java -cp "${PICKETBOX_LIB}:${LOGGING_LIB}" "${ENC_CLASS}" "${PASSWORD}"
# Quote the password so spaces and shell metacharacters reach Java intact
java -cp "${PICKETBOX_LIB}" "${ENC_CLASS}" "${PASSWORD}"


#- Weblogic ( *jdbc.xml )

#!/bin/bash

#--------------------------------------------------------------------------
#-- Set Error if Variable is Not Set
#-- Set Exit if Error is Occurred
#--------------------------------------------------------------------------

set -o nounset
set -o errexit

#--------------------------------------------------------------------------
# // Check Parameter & Define Variable
#--------------------------------------------------------------------------

# Test only the argument count: expanding $1 here would abort under nounset
if [[ $# -lt 1 ]]; then
    echo
    echo " *** NOT FOUND CMD : (PASSWORD) ***"
    echo " ex ) ./wls-enc.sh (PASSWORD)"
    echo
    exit 1
fi

PASSWORD=$1
WLS_HOME="/Oracle/Middleware"
WLS_LIB="${WLS_HOME}/wlserver_10.3/server/lib/weblogic.jar"
# Placeholder: replace (YOUR INSTANCE NAME) with the domain directory name
WLS_DOMAIN="${WLS_HOME}/domains/(YOUR INSTANCE NAME)"
ENC_CLASS="weblogic.security.Encrypt"

#---------------------------------------------------------------
# // Validate Parameter & Run Script
#---------------------------------------------------------------

# Show the command without the cleartext password so it does not land in logs
echo "[ INFO ] java -cp ${WLS_LIB} -Dweblogic.RootDirectory=${WLS_DOMAIN} ${ENC_CLASS} (PASSWORD)"
java -cp "${WLS_LIB}" "-Dweblogic.RootDirectory=${WLS_DOMAIN}" "${ENC_CLASS}" "${PASSWORD}"
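
To confirm that the encryption step was actually applied, the following added example (not part of the original post) scans the config files named above for passwords still stored as literal text. The element names `<password>` (JBoss data sources) and `<password-encrypted>` (WebLogic JDBC descriptors) and the `{ALGORITHM}` value prefix are not shown on the page and are assumptions about those file formats; all sample file names and values are constructed.

```shell
#!/bin/bash
# Added example, not from the original post: list data source passwords that
# are still stored as literal text after the encryption step.

# Prints "file:line:reason" for each finding. Line-based: assumes the element
# and its value sit on one line, as in typical generated config files.
audit_ds_passwords() {
    for _f in "$@"; do
        [ -r "${_f}" ] || { echo "${_f}:0:unreadable"; continue; }
        awk -v f="${_f}" '
            # JBoss *-ds.xml / standalone.xml: <password>literal</password>
            match($0, /<password>[^<]+<\/password>/) {
                v = substr($0, RSTART + 10, RLENGTH - 21)
                # A ${...} expression is a reference, not a stored secret
                if (v !~ /^[$][{]/) print f ":" NR ":cleartext <password>"
            }
            # WebLogic *jdbc.xml: encrypted values start with {ALGORITHM}
            match($0, /<password-encrypted>[^<]*<\/password-encrypted>/) {
                v = substr($0, RSTART + 20, RLENGTH - 41)
                if (v !~ /^[{][A-Z0-9]+[}]/) print f ":" NR ":cleartext <password-encrypted>"
            }
        ' "${_f}"
    done
}

# Constructed sample files (hypothetical names and values) for a dry run.
audit_demo() {
    _d=$(mktemp -d)
    printf '%s\n' '<datasources><local-tx-datasource>' \
        '<user-name>app</user-name>' '<password>Secret1</password>' \
        '</local-tx-datasource></datasources>' > "${_d}/legacy-ds.xml"
    printf '%s\n' '<security>' \
        '<security-domain>encrypted-ds</security-domain>' \
        '</security>' > "${_d}/standalone.xml"
    printf '%s\n' '<jdbc-driver-params>' \
        '<password-encrypted>{AES}constructedvalue=</password-encrypted>' \
        '</jdbc-driver-params>' > "${_d}/good-jdbc.xml"
    printf '%s\n' '<password-encrypted>Secret2</password-encrypted>' \
        > "${_d}/bad-jdbc.xml"
    (cd "${_d}" && audit_ds_passwords legacy-ds.xml standalone.xml \
        good-jdbc.xml bad-jdbc.xml)
    rm -rf "${_d}"
}

audit_demo
```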

 

#- References

[ docs_jboss ] Encrypting_Data_Source_Passwords 
[ docs_redhat ] encrypting_data_source_passwords_v5 

[ e-books ] wildfly_datasource_security_secureidentityloginmodule 
[ docs_redhat ] JBoss_Enterprise_Application_Platform-6-API_datasource_SecureIdentityLoginModule 
[ docs_jboss ] Security_subsystem_configuration_AS7 
[ source_jboss ] PicketBox_security_jboss_sx_SecureIdentityLoginModule 

[ docs_oracle ] wls_docs81_utils17 
[ docs_oracle ] web_1111_utils