Copy JDBC driver (postgresql-9.1-901.jdbc4.jar) to $JBOSS_HOME\standalone\deployments folder
a. Create folder named postgresql under:
$JBOSS_HOME\modules\org
That will bring new directory:
$JBOSS_HOME\modules\org\postgresql
b. Create Sub Folder named main under:
$JBOSS_HOME\modules\org\postgresql
That will bring new directory:
$JBOSS_HOME\modules\org\postgresql\main
c. Copy JDBC driver to main folder:
$JBOSS_HOME\modules\org\postgresql\main
d. Create file named module.xml with contents
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.0" name="org.postgresql">
<resources>
<resource-root path="postgresql-9.1-901.jdbc4.jar"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="javax.transaction.api"/>
</dependencies>
</module>
It will configure database driver with name given in attribute value. For this example name of module will be org.postgresql
Open $JBOSS_HOME/standalone/configuration/standalone.xml Add following Node at path: /server/profile/subsystem/ datasources/ <datasource jndi-name="jboss/datasources/jdbc/MyDS" pool-name="jboss/datasources/jdbc/MYDS_Pool" enabled="true" jta="true" use-java-context="true" use-ccm="true"> <connection-url>jdbc:postgresql://localhost/gisdb</connection-url> <driver-class>org.postgresql.Driver</driver-class> <driver>postgresql-jdbc4</driver> <security> <security-domain>encrypted-ds</security-domain> </security> </datasource> Add following Node at path /server/profile/subsystem/ datasources/ drivers <driver name="postgresql-jdbc4" module="org.postgresql"/> Note: Note that value of the module should be same as given in first step while adding database driver as a module. It will create Data Source with name jboss/datasources/jdbc/MyDS That can be accessed from java source with name java:/ jboss/datasources/jdbc/MyDS
We have not provided password for database connection while defining data-source. If you want to specify you can replace security node with following:
<security>
<user-name>db_user_name</user-name>
<password>db_password</password>
</security>
Since password is written there as plain text so it is not secure.
In order to secure the database password in data source, configure Encrypted Data Source.
<security>
<security-domain>encrypted-ds</security-domain>
</security>
To define Encrypted DS, Add following node to path: /server/profile/subsystem/security-domains
<security-domain name="encrypted-ds" cache-type="default">
<authentication>
<login-module code="org.picketbox.datasource.security.SecureIdentityLoginModule" flag="required">
<module-option name="username" value="user_name"/>
<module-option name="password" value="48d5a747e6dae9dddf8592078de921bc"/>
<module-option name="managedConnectionFactoryName" value="jboss.jca:service=LocalTxCM,name=jboss/datasources/jdbc/GISCore_Pool"/>
</login-module>
</authentication>
</security-domain>
The node defines a DS which is having user name as user_name while password is encrypted password.
To generate Encrypted password use following command:
java -classpath %JBOSS_HOME%\modules\org\picketbox\main\picketbox-4.0.1.jar;%JBOSS_HOME%\modules\org\jboss\logging\main\jboss-logging-3.0.1.GA.jar org.picketbox.datasource.security.SecureIdentityLoginModule user_password
user_password is actual password of database.
It will generate encrypted password displayed on command line.
To Define Security Domain for JAAS, Add following node to path:
/server/profile/subsystem/security-domains
<security-domain name="LmktAcm" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:/jboss/datasources/jdbc/MYDS"/>
<module-option name="principalsQuery" value="select login_password from t_acm_user where username=?"/>
<module-option name="rolesQuery" value="select role, 'Roles' from t_acm_user where username=?"/>
</login-module>
</authentication>
</security-domain>