Encrypting Password for Data Source

Before you beginStart the WildFly application server without any EAR deployment or with a data source that contains ibi MDM database credentials with the plain text, and then wait for the WildFly application server to start.
    Procedure
  1. On the command line, type $JBOSS_HOME/bin.
  2. Run one of the following commands:
    • For Windows: jboss-cli.bat – connect
    • For Linux: jboss-cli.sh – connect
  3. After the connection is successful, create and add the secure store for storing keys:
    /subsystem=elytron/secret-key-credential-store=${CREDENTIAL_STORE_NAME}:add( \    relative-to=jboss.server.config.dir, path=credstore/${CREDENTIAL_STORE_FILE_NAME})

    where CREDENTIAL_STORE_NAME is the name of your credential store and CREDENTIAL_STORE_FILE_NAME is the storage file where credentials information is saved. The credential store secures and stores sensitive and plain text strings by encrypting them in a storage file.
    Example:

    /subsystem=elytron/secret-key-credential-store=tibcomdm_db_cred_store:add( \    relative-to=jboss.server.config.dir, path=credstore/tibcomdm_db_cred_store.st)
  4. Add the expression resolver:
    /subsystem=elytron/expression=encryption:add( \    resolvers=[{name=${RESOLVER_NAME}, \                credential-store=${ CREDENTIAL_STORE_NAME }, \                secret-key=key}], \    default-resolver=${RESOLVER_NAME})

    Where RESOLVER_NAME is the name of the expression resolver.
    Example:

    /subsystem=elytron/expression=encryption:add( \    resolvers=[{name=tibcomdm_db_cred_resolver, \                credential-store=tibcomdm_db_cred_store, \                secret-key=key}], \    default-resolver=tibcomdm_db_cred_resolver)
  5. Generate the encrypted password:
    /subsystem=elytron/expression=encryption:create-expression(clear-text=${MDM_DB_PASSWORD})

    Where MDM_DB_PASSWORD is ibi MDM database schema password.
    Example:

    /subsystem=elytron/expression=encryption:create-expression(clear-text=mdm931password)

    The command returns the encrypted password. 

    {
    "outcome" => "success", 
    "result" => {"expression" => "${ENC::RUxZAUMQUSoia+rCq2imtR2oDycuhsf1FspBDCktKGRSq/lflts=}"}
    }
What to do next

Use the returned encrypted password in your ibi MDM data source configuration. Example:

<datasource jndi-name="java:jboss/eCMDataSource" pool-name="CIMDS" enabled="true">
<security> 
<user-name>jsmith</user-name>
<password>${ENC::RUxZAUMQUSoia+rCq2imtR2oDycuhsf1FspBDCktKGRSq/lflts=}</password>
</security>
</datasource>