Previous Topic: Create a JDBC Data Source for JBoss Application ServersNext Topic: Create a JDBC Data Source for WebLogic

Configuration GuideRelational Database ManagementHow To Create a JDBC Data SourceCreate a JDBC Data Source for JBoss Application ServersUse a JBoss Security Realm for the JDBC Data Source

Use a JBoss Security Realm for the JDBC Data Source

Assure that you are creating a JDBC data source in a JBoss application server. You can configure the data source to use a user name and password or can configure it to use a security realm.

Important! Make sure that the JBoss Security Realm option is used if FIPS is being used.

Follow these steps:

  1. Complete the steps in Create a JDBC Data Source for JBoss Application Servers.

    Do not specify a user name and password in the userstore-ds.xml as described in step 4.

  2. Open login-cfg.xml in jboss_home\server\default\conf.
  3. Locate the following entry in the file: 
    <application-policy name="imobjectstoredb">
  <authentication>
    <login-module code="com.netegrity.jboss.datasource.PasswordEncryptedLogin" flag="required">
      <module-option name="userName">fwadmin</module-option>
      <module-option name="password">{PBES}:gSex2/BhDGzEKWvFmzca4w==</module-option>
      <module-option name="managedConnectionFactoryName">jboss.jca:name=jdbc/objectstore,service=NoTxCM</module-option>
    </login-module>
  </authentication>
</application-policy>
  4. Copy the complete entry and paste it within the <policy> and </policy> tags in the login-cfg.xml file.
  5. In the entry you pasted in the file, make the following changes:
    1. Change the name attribute value from imobjectstoredb to imuserstoredb as follows: 
      <application-policy name="imuserstoredb">
    2. Specify the name of the user used to authenticate against the user store as follows: 
      <module-option name="userName">user_store_user</module-option>
    3. Specify the password for the user in the previous step as follows: 
      <module-option name="password">user_store_user_password</module-option>

      Note: To encrypt the user store password, use the password tool (pwdtools) that is installed with CA IdentityMinder.

    4. In the <module-option name="managedConnectionFactoryName"> element, provide the correct jdbc.jca:name as follows: 
        <module-option name="managedConnectionFactoryName">

           jboss.jca:name=userstore,service=NoTxCM

        </module-option>
  6. Save the file.
  7. Restart the application server.