Enterprise Administration GuideConfiguring PUPM Endpoints › Prepare a JBoss Application to Use a Database (JDBC) Password Consumer

Previous Topic: Configuring PUPM Endpoints

Next Topic: Customize the Datasource Configuration Files for Microsoft SQL Server

Prepare a JBoss Application to Use a Database (JDBC) Password Consumer

You can use JDBC database password consumer to replace hard-coded passwords in applications that use JDBC to connect to a database. Whenever an application provides a password for authentication purposes, the PUPM Agent gets the privileged account password from CA Access Control Enterprise Management and replaces the hard-coded password with the privileged account password.

Before you configure the databases that the password consumer uses, you should prepare the endpoint to use a JDBC password consumer.

To prepare a JBoss application to use a database (JDBC) password consumer

  1. Verify that CA Access Control is installed on the endpoint with the PUPM Integration feature enabled, and that the application that connects to the database uses JRE 1.5 or later.

    Note: Install CA Access Control on the endpoint on which the application that connects to the database is installed. You do not need to install CA Access Control on the database host.

  2. Stop the application that connects to the database, if it is running.
  3. Navigate to the following directory, where ACInstallDir is the directory in which you installed CA Access Control: 
    ACInstallDir/SDK/JDBC
  4. Locate the following files:
  5. Copy the CAJDBCService.sar to the following directory, where JBOSS_HOME is the directory where you installed JBoss: 
    JBOSS_HOME/server/default/deploy
  6. Copy the files CAJDBCDriver.jar, CAPUPMClientCommons.jar, and jsafeFIPS.jar to the following directory: 
    JBOSS_HOME/server/lib
  7. On the Enterprise Management Server, locate the data source XML files you defined for the password consumer.
  8. Open the files for editing. Do one of the following:

    You customize the datasource configuration files to specify the database connection settings and datasource class.

  9. Start CA Access Control.

    You have configured the endpoint to use the password consumer. You must now create a password consumer for the application in CA Access Control Enterprise Management. You start the application after you create the password consumer.

More information:

Password Consumer Example: JDBC Database

Create a Password Consumer